/linkedfs/usr/share/doc/helpdocs.htm
HTML | 3436 lines | 3329 code | 52 blank | 55 comment | 0 complexity | 4c2861db8a40a8cae313c8b03843871c MD5 | raw file
Possible License(s): GPL-2.0, MIT, LGPL-3.0
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
- <html><head>
- <meta http-equiv="content-type" content="text/html; charset=UTF-8">
- <title>Trinity Rescue Kit | CPR for your computer | Trinityhome | </title>
- <style type="text/css">
- /* ========================================================*/
- /* Vision.To CMS / www.vision.to */
- /* SPECIAL CSS PRINT STYLE BY www.vision.to */
- /* ========================================================*/
- body {
- text-align: left; /* IE Only */
- margin: 0;padding: 0;
- color: #000;
- font-family: Georgia, "Times New Roman", Times, serif;
- font-size: 12pt;
- }
- /*---------------------------------------------------------------*/
- #print-wrapper {
- margin-top:0;
- padding: 2px;
- margin-left: 0;
- margin-right: auto;
- width: 600px;
- min-width:598px;
- border: 1px none #ddd;
- text-align: left;
- background:#fff;
- color:#000;
- }
- }
- /*---------------------------------------------------------------*/
- #print-header {
- /*clear: both;*/
- border-bottom: 1px solid #ddd;
- padding: 0.5em;
- margin-bottom: 2px;
- }
- /*---------------------------------------------------------------*/
- #print-content {
- /*float: left;*/
- width: 100%;
- position: relative;
- /*
- margin-left: auto;
- margin-right: auto;
- */
- text-align: left;
- color:#000;
- padding: 0.5em;
- min-height:650px;
- height:expression(this.scrollHeight > 650 ? "auto":"650px");
- }
- /*---------------------------------------------------------------*/
- #print-footer {
- text-align: center;
- color: #000;
- margin-top: 2px;
- padding: 0.5em;
- /* line-height: 1.2em; */
- clear: both;
- border-top: 1px solid #ddd;
- }
- .brclear {
- /* Use a break with this class to clear float containers- Thank You Big John :-) positioniseverything.net */
- clear:both;
- height:0;
- margin:0;
- font-size: 1px;
- line-height: 0;
- }
- </style>
- <meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta http-equiv="CONTENT-TYPE" content="text/html; charset=UTF-8"><title></title><meta name="GENERATOR" content="OpenOffice.org 3.1 (Unix)"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"><meta content="text/html; charset=UTF-8" http-equiv="CONTENT-TYPE"><title></title><meta content="OpenOffice.org 3.1 (Unix)" name="GENERATOR"></head><body>
- <div id="print-wrapper">
- <div id="print-header">
- <h1><img src="helpdocs_files/200610190000370.gif" alt="image" class="BartsCmsImage" height="135" width="140"> Trinityhome</h1>
- </div>
- <div id="print-content">
-
- <div id="page-container" class="page-container"><!-- open page-container -->
- <h1 class="page-title">Trinity Rescue Kit | CPR for your computer</h1>
- <div class="page-content">
- <a href="#K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41">Getting started with TRK</a><br><a href="#E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H">0. Quick and dirty guide to using TRK</a><br><a href="#841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU">0.1 The easiest way to get it onto a CD: a self burning TRK</a><br><a href="#YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9">0.2 Burning TRK with Magiciso</a><br><a href="#NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS">0.3 Booting from TRK</a><br><a href="#BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q">0.4 Resetting passwords</a><br><a href="#48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0">1. TRK for Linux newbies</a><br><a href="#2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA">1.1 What is TRK? What 's a live distribution?</a><br><a href="#BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD">1.2 What is different between accessing your PC from Windows and accessing from TRK?</a><br><a href="#WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M">1.3 Getting around with common linux commands (cd, cp, mv, rm, more, grep, mount)</a><br><a href="#M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K">1.4 Reading information about your PC (dmesg, /proc/partitions)</a><br><a href="#QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH">2. TRK own commands and utils</a><br><a href="#XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T">2.1 Virusscan</a><br><a href="#HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW">2.2 Winpass and regedit</a><br><a href="#SI14T7V9WN984HEA7MUC0E8RMGDSNVN63F0LCLKYZKWTS">2.3 Mass Clone: a multicast disk cloning tool</a><br><a href="#VZX1W3W6015LZRZ127YCKFJS9LX59AAU0YKLR6IHYETNW">2.4 Winclean</a><br><a href="#TTVJRRE5QQRJBVB2F61R719J0CHFRFVAZGJFXPBD4SM6D">2.5 Mountallfs</a><br><a href="#HH1WPPJEI4DHJTAHXPSYR3637JMCUVX22NNH2YLBSPI18">2.6 Updatetrk</a><br><a href="#DNEHBFA6ISQPQUF15A9HX1XVYX82E8LIMQQNVRJ480INJ">2.7 Trk2usb</a><br><a href="#WM8PAWXULFITSRN0X6I1YVCLB9IA41FQDD5E0TYBZ7VGP">2.8 Trk2iso</a><br><a href="#EGNT0M1F9DJ7XUB34LIEU8DXZVGDWEW0K9IAMAFLDQJ09">2.9 Fileserver</a><br><a href="#20T4DLR6P2JZL5SVUKVM5FB7MQPKJQUCFC6INMF3FQSSK">2.10 Bridge</a><br><a href="#PSTEW6D05PZF2FK7VHGLCYWQZWP8T538NMCAJF0FVPLMV">2.11 Setip</a><br><a href="#WU8QP3M0YGLR9XQ8V4MW69X4SZF6ZM1L701LTECHLNZLB">2.12 Setproxy</a><br><a href="#C3E9S86L5Q2DV4J2X7FRSW3NCGQ426N40T3HR0UMGLR1F">2.19 Ntfsundeleteall</a><br><a href="#MFRIGTQ75RPR5IIC4TXNKUF95JATHDEUIV3PEIMA01RV9">2.13 Getswap</a><br><a href="#U49HULJB0RZJRSQX054MZS1LH8P05M7QG7X0I628MRH48">2.14 Trinisup</a><br><a href="#FKJT61FZ5GVCPWKXWTXSLUF6CQM3YVP36YM2QSRKZCNEY">2.15 Pi - automated backup wrapper script originally for Partition Image</a><br><a href="#3HU5ZWWY8SYP7AEGNHT9CEDCSWG7RQEJXZELK1AJJYYGZ">2.20 Clonexp (obsoleted by mclone)</a><br><a href="#4WP777Y6KKDSK5E2140SK6QED0J74GSY26W03JWEV0X5V">3. Procedures</a><br><a href="#LIAT4IG4QYXT3EP1K2EVX276MK95G33SC3B7CH1S6NBZT">3.1 Rescueing files of dying harddiscs (mounting network => cp, ddrescue)</a><br><a href="#QVQWIA3HK45X8M47KB6N7V5KDDAWB7HSSYD1Y78814V0G">3.2 Recovering deleted files or files from formatted drives (ntfsundeleteall, photorec)</a><br><a href="#7PFVZK0Q4R5TZMDJ351RJA8VHEBE66K4KQP91EPVWKEKX">3.3 Recovering lost partitions (testdisk, gpart, fdisk)</a><br><a href="#L5ICUK4HDV6QAJA1ISR37W4DEYAHUY95TI8CT3KXNHCPR">3.4 Bootsector repair</a><br><a href="#UHPDX3JS857PC91QX5QDU7JHMFX9NFZ8NECA7MT6HQKJQ">3.5 Manually cloning a Windows installation</a><br><a href="#JVI22F4QK5AFSUR3MHQC9ZW33AWHWA05W9XNES3PN4V5N">3.6 Hardware testing</a><br><a href="#4PL88HNFBZGXK7BHVL44UCJIPXXUD8I7MU5L2JR38YRJW">3.7 Virus scanning</a><br><a href="#AKDLI8WEFV4L96NMKIKSXE2ZQWDFRHLSTQ42PQ6UB16AX">3.8 Manual PC cleaning</a><br><a href="#ZTZJTNZS1Z028YDFIX59T2IQNHU57JDW236KHV38JU1IH">4. Boot time options and triggers</a><br><a href="#Z034WGIXRNSS0HJZYHKU5ED0RRGXKGQA7I4TQDF6RYPH6">4.1 Boot menu options</a><br><a href="#EUGBVSAKSIDQ4SSW21D1CDTZC5RKS0DXKJY51ZFJ7J022">4.2 Triggers</a><br><a href="#9PAH415576DS0RB2Z5DH8AQ1XFD42G21V39QU4LS1P9S6">4.2.1 The TRK options server: make your lan TRK aware</a><br><a href="#CA4YM8MPTJ078B4RZR3V7NZDL7WUM33Q4XDGWQVE0KCZM">4.2.2 Scripts on the computer's local harddisks</a><br><a href="#B8MI3TRVGJ2SY2XHN562I89WYSUF20I4ZWCSETDL364RY">4.2.3 Script on the TRK medium</a><br><a href="#SMFWK0I2J980KIYM9IK3CSPF1J06UQ3C29YDZ75874YID">5. Upgrade, update and change of bootmedia procedures</a><br><a href="#VCMNDG08JQ9JED3YXFLITGXVHLRRQIXBL9PPFEMQUMZZR">5.1 TRK on CD</a><br><a href="#FIRS44G0F6QRJDGPU467B1R5DHKC3QV9ZCRU6XJBUZS43">5.2 How to install/upgrade your USB media to run the latest version of TRK</a><br><a href="#DJQBVW3TV8F9F6T9P2QZJ9WFCCVH0HU3SA5CWYWHX2G2Z">5.3 Setting up your PXE boot environment</a><br><a name="K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41" ="" id="K94N78PT0VFVLYYDHBV9JJ0N7EUA3RSDQMRNK66BSCW41"></a><h1>Getting started with TRK</h1><h2><span style="font-size: 10pt; font-family: Arial;"><o:p></o:p></span>Foreword and conventions of this documentation:</h2>
- <h3>Consulting help</h3>
- <p>-Trinity Rescue Kit 3.4 has manpages for almost every utility, even
- the ones specific to TRK (new since 3.4). So if you need help on a
- certain command, like f.i. Winpass, just type 'man winpass' at the
- commandline. All manpages themselves are always online available at
- http://trinityhome.org/manpages</p>
- <p>-This helppage is also available as a single document locally on the TRK medium. <strong>You can call on this documentation as one big page from TRK by typing 'trkhelp'</strong>
- at the command prompt (or chosen from the startup menu). This will
- start the builtin Links browser in graphical mode opening all of the
- documentation at once. To be able to switch between this help and your
- commandprompt, you must be in text mode</p>
- <p>Most commands also have a built-in help. Most of the time 'command -h' or 'command –help' will help you a lot further.</p>
- <p><br>
- Use the key "q" to quit links and type 'trkhelp -t' to run in text
- mode. Once in textmode, use alt+F2 to go the second console of TRK. In
- total there are 6 consoles, each switchable with their respective alt+
- function key.<br>
- If you are not online, you can consult the local documentation which is on the TRK medium by entering 'trkhelp -l'. <br>
- You can combine these two parameters: 'trkhelp -l -t' gets you the local helpfiles in textmode.</p>
- <p>-All TRK manpages are also available online in html format. Browse them here: <a href="http://trinityhome.org/manpages/">http://trinityhome.org/manpages/</a></p>
- <h3> <br>
- Conventions</h3>
- <p>-literal commands that you can execute in TRK or Linux are put
- between 'single quotes'. Omit the quotes when using the real
- commandline. Exceptions on these quotes will be mentionned (when single
- quotes really appear in the command).<br>
- <br>
- -"double quotes" are used to emphasise words, unless they are used inside commands.<br>
- <br>
- -<trkmedium> stands for the rootfolder of the medium on which TRK
- runs. TRK can be run from CD, usb stick/disk, fixed harddisk or from
- network over PXE. These specific bootmethods will be explained later in
- this document.<br>
- <br>
- -this documentation is intended for people who at least have some
- experience with computer troubleshooting or know how to install their
- own Windows. If you have absolutely no idea of this, I recommend you
- call someone who knows more.</p>
- <p> </p><br><a name="E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H" ="" id="E3JEBK6FCRUYGL65MT9YXJBJ20Z7EK5IEFNFQKKS25G8H"></a><h1>0. Quick and dirty guide to using TRK</h1><p>This
- page is intended for the really impatient who are passing by here and
- probably just want to reset a password in Windows. The procedures
- assume you are using MS Windows.</p>
- <p>I'll make sure I don't type too much text for you to read.</p>
- <h2>In short...</h2>
- <p>TRK is not a software you install on your computer in Windows
- but rather a completely independent operating system based on Linux and
- which runs from CD (or USB stick or network).</p>
- <p>To get the latest version of TRK, go to the download page or download the latest copy here.</p>
- <p>The quickest way to get you running TRK is to download and run the self-burning TRK version.</p>
- <p>If you want to see how the self burning of TRK is done, see the page on <a href="https://trinityhome.org/Home/index.php?content=0.1_THE_EASIEST_WAY_TO_GET_IT_ONTO_A_CD_A_SELF_BURNING_TRK&front_id=19&lang=en&locale=en">0.1 Self burning TRK</a></p>
- <p>Should you want to burn the iso with a 3rd party software called magiciso, see <a href="https://trinityhome.org/Home/index.php?content=0.2_BURNING_TRK_WITH_MAGICISO&front_id=19&lang=en&locale=en">0.2 Burning TRK with Magiciso</a></p>
- <p>For booting from TRK, see <a href="https://trinityhome.org/Home/index.php?content=0.3_BOOTING_FROM_TRK&front_id=19&lang=en&locale=en">0.3 Booting from TRK</a></p>
- <p>For password resetting, see <a href="https://trinityhome.org/Home/index.php?content=0.4_RESETTING_PASSWORDS&front_id=19&lang=en&locale=en">0.4 Resetting passwords</a></p>
- <p>If you know how to burn an isofile, skip section 0.1 and 0.2.</p>
- <p>If you know how to boot from CD, skip section 0.3</p>
- <p>For password resets, you can equally skip section 0.4 because
- TRK 3.4 now has a simple menu from which you can select whatever
- you need to do.</p>
- <p> </p><br><a name="841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU" ="" id="841YA21RBZPBCRPIQGT0BYCFWYCIELPDGF1G8SY9GCAJU"></a><h1>0.1 The easiest way to get it onto a CD: a self burning TRK</h1><p>-Download and save the latest copy of the self-burning TRK, e.g. "trinity-rescue-kit.3.4-build-366.exe"</p>
- <p>-Doubleclick on "trinity-rescue-kit.3.4-build-366.exe"</p>
- <p>Now see the screenshots</p>
- <p> Ok, you've put your blank CD in the tray, now answer yes
- and see all of the next screens pass by. There 's no more work for
- you on the burning part!</p>
- <p><img src="helpdocs_files/10-selfburn-trk.jpg" alt="" height="138" hspace="5" vspace="5" width="587"></p>
- <p><img src="helpdocs_files/11-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
- <p> </p>
- <p><img src="helpdocs_files/12-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
- <p> </p>
- <p><img src="helpdocs_files/13-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
- <p> </p>
- <p><img src="helpdocs_files/14-selfburn-trk.jpg" alt="" hspace="5" vspace="5"></p>
- <p> ...and that 's it, now boot from it.</p><br><a name="YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9" ="" id="YUU68L1SK1TXA04XDZX4MPPJJXTUJZP8J95IKX0WNJIN9"></a><h1>0.2 Burning TRK with Magiciso</h1><p>There
- are many other programs that can burn ISO files to a CD. Magiciso is
- just used as an example because it's one of the most easy to
- use. An alternative might be the very lightweight <a href="http://www.terabyteunlimited.com/downloads-free-software.htm">BurnCDCC</a> or another free and full blown CD writer is <a href="http://cdburnerxp.se/">CD Burner XP</a>.<br>
- Users from Windows 7 can just burn an ISO to disk without installing any additional software.</p>
- <p>Remember that to install programs or run the self burning TRK, you have to be an administrator of your local computer.</p>
- <p>The screenshots speak for themselves</p>
- <p>1<br>
- <img alt="" src="helpdocs_files/01-wwwmagicisocom.jpg" hspace="2" vspace="2"></p>
- <p>2<br>
- <img alt="" src="helpdocs_files/02-wwwmagicisocom.jpg" hspace="2" vspace="2"></p>
- <p>3<br>
- <img alt="" src="helpdocs_files/03-mi-disclaimer.jpg" hspace="2" vspace="2"></p>
- <p>4<br>
- <img alt="" src="helpdocs_files/04-burn1.jpg" hspace="2" vspace="2"></p>
- <p>5<br>
- <img alt="" src="helpdocs_files/05-open-file.jpg" hspace="2" vspace="2"></p>
- <p>6<br>
- <img alt="" src="helpdocs_files/06-burn2.jpg" hspace="2" vspace="2"></p>
- <p>7<br>
- <img alt="" src="helpdocs_files/07-burn3.jpg" hspace="2" vspace="2"></p>
- <p>8<br>
- <img alt="" src="helpdocs_files/07-burn4.jpg" hspace="2" vspace="2"></p><br><a name="NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS" ="" id="NDQL3ZBZYMUVVWYN4348DUF9650TV0083FKX5LMUY6EJS"></a><h1>0.3 Booting from TRK</h1><p>To
- be able to boot from TRK, I can give you a few tips, but there is
- never 1 uniform way on how to do it because every computer is different
- and every brand has different shortcut keys.</p>
- <p>In many cases, the fact that the CD with TRK is in your CD tray
- when you boot your computer might be enough to get it booting from it.</p>
- <p>In other cases, you get the option to select the bootdevice at
- startup. Depending on the brand, this might be with any different
- function key or even "esc" and "enter". Most of the time, the
- power on screen tells you what key to press.</p>
- <p>Ultimately you must set the bootsequence in the bios of the
- computer. The bios is basic configuration of a computer before
- even any operating system or software has been started.</p>
- <p>Here 's a few screenshots I've taken from VMWare, which basically behaves like any other physical computer.</p>
- <p>Here 's the initial bootsplash which lasts only a few seconds. <br>
- <img src="helpdocs_files/bootsplash-vmware.png" alt="" height="480" hspace="5" vspace="5" width="640"><br>
- The text speaks for itself. </p>
- <p>Hitting "esc" is enough to select a temporary bootdevice. <br>
- <img src="helpdocs_files/bootselection-vmware.png" alt="" height="418" hspace="5" vspace="5" width="546"></p>
- <p>Alternatively if you hit F2, you can go into the bios and set the
- bootsequence permanently. Remember that in that case when you have
- a bootable CD in your tray, your PC will always boot from
- that. It will also make startup slower because it will first look
- for a cd and its bootability.<br>
- <img src="helpdocs_files/bios-boot-vmware.png" alt="" height="480" hspace="5" vspace="5" width="640"></p>
- <p>Now this is only an example for VMWare. Any other computer is
- different in the fact that it can be any of the other function keys you
- need to press to enter the bios or choose a bootdevice. Read the
- text from the splash screen.</p>
- <p>To get a better explanation on setting the bootsequence, take a look at the documentation done for Hiren's Bootcd:</p>
- <p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p>
- <p><a href="http://www.hiren.info/pages/bios-boot-cdrom">http://www.hiren.info/pages/bios-boot-cdrom</a></p>
- <p> </p><br><a name="BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q" ="" id="BL8Q8FN81J34KW4EMG9IHTQJZ2L5J22LD02C6FAXQ4S0Q"></a><h1>0.4 Resetting passwords</h1><p>Once
- you 've managed to burn TRK to CD and set the right bootsequence,
- you can start doing stuff with it, like resetting the password (that's
- what you came here for didn't you?).</p>
- <p>See this little <a href="https://trinityhome.org/Files/trk-screenshots/video/trk-winpass-howto-01.avi">movie</a> which runs you through it from A to Z and do some further reading on the <a href="https://trinityhome.org/Home/index.php?content=3922.2_WINPASS_AND_REGEDIT&front_id=19&lang=en&locale=en">usage of winpass.</a></p>
- <p>You will notice that once you started TRK, the simple menu that you get is self explanatory.</p>
- <p> </p><br><a name="48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0" ="" id="48H6PKLBPTE32K9P95Q4T4MADLMZA6W5431IEDKTWQLN0"></a><h1>1. TRK for Linux newbies</h1><p>This
- section gives a quick introduction about the concepts of Linux, a live
- distribution and how you should see and control your computer from the
- viewpoint of TRK</p><br><a name="2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA" ="" id="2FK5NB4F87EHQWYKAJWGIQZLFA53HWY9185EAZJ9XPGCA"></a><h1>1.1 What is TRK? What 's a live distribution?</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H1 { margin-bottom: 0.08in }
- H1.western { font-family: "Times New Roman", serif }
- H1.cjk { font-family: "Bitstream Vera Sans" }
- H1.ctl { font-family: "Bitstream Vera Sans" }
- -->
- </style>
- </p>
- <p>This is a definition for people that have absolutely no idea of what
- an operating system means. If you don 't understand what I just said,
- you need to read the following text. The people who do know what it all
- means, might take the following definition as incorrect, but that 's
- just so I can explain in simple language what I mean.<br>
- <br>
- “Trinity Rescue Kit" or <strong>TRK is a collection of programs that can start a computer in an alternate way if it failed to start normally.<br>
- </strong><br>
- TRK is a so called "live distribution" of Linux. Linux is in fact the
- "brain" and "the senses" that drives your computer, all the programs
- are the limbs that allow you to control it. All this put together make
- up a so called operating system. Because of confusion in terminology
- and because of the so many flavors, we talk about Linux being the
- operating system and what makes it complete with programs is called the
- distribution. And as for distributions, a lot of flavors exist
- (hundreds, maybe even thousands). One of these flavors is Trinity
- Rescue Kit. TRK is a "live" distribution because it can boot from
- removable media, perform hardware detection on-the-fly and automate as
- many configuration tasks as possible.<br>
- <br>
- TRK operates completely from RAM (= compare this with the short term
- memory of your brain) and read-only media. This means also it doesn ‘t
- touch nor change anything stored on your computer until you tell it to
- do so. Another implication this will have is that by starting your
- computer with Trinity Rescue Kit you have the guarantee that no viruses
- that might be on your local computer can become active. In the case of
- your computer running Microsoft Windows in normal circumstances, it
- just is impossibe by design that a windows virus can run on TRK because
- TRK is Linux.<br>
- <br>
- You have the possibility of using 5 different antivirus scanners with
- TRK (current version of this writing: 3.4). One of them, the free open
- source Clamav is integrated in the distribution, the other 4, F-prot,
- Bitdefender Vexira and Avast get downloaded from the Internet when
- launched. For Avast you need a free license key handy, for which you
- need to<a href="http://www.avast.com/registration-free-antivirus.php"> register on their site</a>.<br>
- <br>
- More on what TRK is can be read on the frontpage</p>
- <h1 class="western"><br>
- </h1>
- <p> </p><br><a name="BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD" ="" id="BVJ9IR04WMV4XH1MSM34S6T8MGH4JW8KHHKQYBKKN6FBD"></a><h1>1.2 What is different between accessing your PC from Windows and accessing from TRK?</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>Instead
- of running programs on your computer using Windows, you are now
- starting your computer with something completely different. Trinity
- Rescue Kit is not designed to give you the same environment you get
- normally, but to provide you the means and the utilities to perform
- rescue and repair operations that might not be (anymore) possible on
- your computer in normal Windows operation mode.<br>
- <br>
- Because this is Linux, you will not see your drives in the same way you
- do under Windows (or DOS), but they will appear as logically assigned
- devices. So instead of the C:-drive, you will get /dev/hda1 in which
- ‘hda’ is your first available harddisk ('h' in hda is for ide drives,
- 's' is for scsi, sata and removable drives), hda1 is the first
- (primary) partition on which a filesystem may reside. The filesystem
- used in general for Windows is NTFS. This stands for New Technology
- FileSystem, but in the mean time the "New" in technology is already
- more than 12 years old. Nevertheless, it has gotten some improvements
- over the years and it is, I must admit, a good filesystem. The other
- filesystem natively supported by Windows is FAT, which come in the
- flavors FAT12 (for floppies), FAT16 (for small disks up to 2Gb) and
- FAT32 (for bigger disks).<br>
- <br>
- What 's also different from Windows is that these filesystems are not
- accessible by default in Linux, you have to so called "mount" them.
- Where in Windows you will get a drive C: with your files on, in Linux
- you have to call the command 'mount' and mount the filesystem against a
- subdirectory. An example of this: let 's say your drive C: is /dev/hda1
- (/dev contains the collection of device references on your system). You
- have a directory /mnt0. In this case you type 'mount /dev/hda1 /mnt0'.
- When you invoke the command 'mount' afterwards without any parameters,
- you will see that /dev/hda1 is mounted on /mnt0. If you cd to that
- directory and type 'ls' (=equivalant of 'dir' in Windows), you will get
- a directory listing of what 's available on that C: drive.<br>
- <br>
- Now with this all explained, you should see the picture: TRK runs on
- your computer but treats it as a doctor inspecting a dead body:
- everything is there, but the person is not. You can now perform surgery
- on the body and try to revive it.
- </p>
- <p> </p><br><a name="WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M" ="" id="WQKZJKT0E8QJQM9HJZ4WTYKI5DK0ZDBLUMB3YUU2S9B7M"></a><h1>1.3 Getting around with common linux commands (cd, cp, mv, rm, more, grep, mount)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>This is a small tour on commands you will find useful when working
- with TRK (and Linux in general). Let 's take as a convention that
- commands you have to type are put between 'single quotes'. At the
- commandline you omit these quotes (unless I say not to).<br>
- <br>
- What I 'm going to teach here is basically how you work with files, like copying, moving, editing, etc...<br>
- <br>
- First, let's start with changing directories.<br>
- <br>
- People that have worked with the commandline in Windows or Dos will
- recognize many things. The big difference with this is that directories
- in Linux are separated by forward slashes instead of backslashes in
- Windows. Another big difference is that Linux folders and files are
- case sensitive: capitals have to be typed as capitals, otherwise the
- file or folder will not be found.<br>
- <br>
- -<strong>cd</strong><br>
- <br>
- The command to change a directory (or folder how it 's called in Windows) is 'cd'<br>
- f. i. you want to change to the directory /tmp you type 'cd /tmp'. If
- the folder contains spaces, there are two ways you can get into them:
- or you put the foldername between double quotes or you use so called
- escape characters to represent the spaces.<br>
- <br>
- Let 's say we want to cd to the folder 'Documents and Settings' you can
- type 'cd "Documents and Settings"' or 'cd Documents\ and\ Settings'
- where the backslash (\) in Linux is used to 'escape' characters, i.e.
- you treat the characters litterally instead of as a control character.
- Enough of that.<br>
- <br>
- Another way of easily changing directories is by typing the first
- letters of it and then pressing the tab-key. F.i. type 'cd Doc' and
- press tab. The command will complete as 'cd Documents\ and\ Settings'.
- If more files or folders match, the tab command will show you the
- possible options left. Very nice feature, saves you lots of time and
- painful fingers.<br>
- <br>
- -<strong>cp</strong><br>
- <br>
- File copying, the second thing you 'll probably need.<br>
- Once you 're in the right directory, you need to be able to copy files to other locations.<br>
- Here 's how to do it, together with the most important switches.<br>
- Take a file called file1, located in /tmp/ and you want to copy it to
- /home: simple command 'cp /tmp/file1 /home' or when you first cd-ed to
- /tmp: 'cp file1 /home/'. Source-target.<br>
- Suppose you want to copy multiple files, you can use a wildcard with
- '*'. If /tmp contains file1 and file2 and copy them both at the same
- time: 'cp /tmp/file* /home/'<br>
- If you want to copy files and folders recursively, together with all the attributes, use the switch '-a'<br>
- To see what gets copied while it 's busy, add the '-v' parameter too (verbose).<br>
- Say /tmp contains 'file1', 'file2', a subfolder called 'testfolder'
- which also contains 'file3', then perform 'cp -av /tmp/* /home' This
- will copy the complete contents of /tmp, including subfolders to /home.<br>
- If cp asks you to overwrite already existing files, you can force that by adding '-f' (force) to your command:<br>
- 'cp -avf /tmp/* /home'<br>
- <br>
- -<strong>mv</strong><br>
- <br>
- Moving files. This is the same principle as copying files but easier, e.g.<br>
- 'mv /tmp/* /home' moves all the contents, including subdirs to /home<br>
- Adding the parameters -v and f moves them verbosely without prompting to overwrite existing files.<br>
- <br>
- -<strong>rm</strong><br>
- <br>
- Remove files.<br>
- Remove 1 file, example: 'rm /tmp/file1'<br>
- Remove files recursively, without prompting: 'rm -rf /tmp/*'<br>
- <br>
- -<strong>more</strong><br>
- <br>
- Viewing files and output of commands. This is a util you can use any
- time there 's too much output coming to your screen or you need to look
- into a file.<br>
- E.g.: 'more /tmp/file1' shows you the contents of file1, but gives it a
- page at a time. To go to the next page, press space. The arrows and
- enter key scroll down line by line.<br>
- You can use this command also in combination with other commands to halt their output so you can read what it says.<br>
- Example: 'dmesg | more' : 'dmesg' gives you the output of your kernel
- startup procedure and recent system messages, but it 's maybe about 300
- lines of output. So in this case we so called "pipe" the output of
- 'dmesg' to 'more' using the "|" sign. In this way I have also explained
- you with an example the use of "command piping"<br>
- <br>
- -<strong>command piping</strong><br>
- <br>
- Continueing on this subject, let 's see what other uses command piping can do for us.<br>
- It can be used to filter out a certain line with a specific keyword.<br>
- Let 's say you want to know whether there 's a file called
- Document.doc' somewhere in a subdirectory, but you don 't know which.
- Then use this command from within the base directory you want to search
- in: 'find ./ | grep -i document.doc' (the -i parameter upper- or
- lowercase characters)<br>
- You can also pipe the output of a command to a file instead of the
- screen. F.i. to put the complete filelisting of a directory tree to a
- file, do like this 'find ./ > /tmp/filelist.txt'<br>
- <br>
- -<strong>editing files</strong><br>
- <br>
- Here 's quickly how to use vi, the most common text editor on Linux.
- Beware: this does not edit Word documents or any other document format
- that is in binary format.<br>
- Open a file or create a new file: 'vi /tmp/file1'<br>
- Move your cursor around with your arrows to the line you want to edit.<br>
- To insert text, type 'i', this will put you in insert mode. To remove
- text, use 'x', (go out of insert mode first with escape). To remove or
- cut a complete line, use 'dd'. You can paste this line elsewhere with
- 'p'.<br>
- This is basically editing in vi. To save a document, go out of insert
- mode and type ':wq' (colon write quit). To exit without saving: ':q!'
- (colon quit exclamation mark).<br>
- If you don 't like vi, you can use pico which is a bit simpler to use, but less common on the different Linux systems.<br>
- <br>
- -<strong>mounting filesystems</strong><br>
- <br>
- When working with Linux and more specifically here with Trinity Rescue
- Kit, it is imperative that you understand the way you "talk" to
- filesystems.<br>
- Whereas Windows just assigns a driveletter to any local filesystem it
- knows and finds (which is only NTFS and FAT), Linux does it all by
- invoking "mount" of a filesystem against a directory where you mount it.<br>
- Trinity Rescue Kit has a utility called "mountallfs" that searches for
- every filesystem on the local computer's disk drives and mounts it in a
- directory that has the same basename as the device where the filesystem
- resides. More on that later in this documentation. In other, normal
- Linux distributions, local filesystems are detected or created on
- install.<br>
- <br>
- Let 's talk now how to perform manual mounting.<br>
- Mounting can be performed with any filesystem, regardless of it being local or on the network. <br>
- <br>
- *<u> Mounting a local filesystem can be done like this:</u><br>
- <br>
- To know what device contains te filesystem you want to mount, you can
- look at a file called "/proc/partitions" This will tell you the
- partition lay-out of your disks, which will most likely contain
- filesystems. A common "/proc/partitions" file may look like this:<br>
- <br>
- /dev/hda<br>
- /dev/hda1<br>
- /dev/hda2<br>
- <br>
- /dev/hda claims in fact the whole disk. Under Windows it is impossible
- to create a filesystem in there, under Linux it is possible but
- improbable and not recommended.<br>
- Most likely you will find a filesystem on /dev/hda1 and /dev/hda2, which will be you C: and D:-drive under Windows in general.<br>
- Mounting this is quite easy, in general you don 't have to give any paramters with it, Linux will detect the type of filesystem.<br>
- 'mount /dev/hda1 /mnt0'<br>
- <br>
- Trinity Rescue Kit by default has two directories for manual mounting
- of filesystems. You can create as many as you like, in as many subdirs
- as you like. That 's all I 'm going to explain about local filesystem
- mounting. I recommand you use "mountallfs". More on that later.<br>
- <br>
- * <u>Mounting network filesystems.</u><br>
- <br>
- This is a very interesting bit, because with Trinity Rescue Kit you
- will want to evacuate your files to another computer. In TRK (and most
- other Linux distributions) it is possible to talk to Windows
- filesharing technology. For those who want to know the name of this
- technology, it 's called SMB (=Server Message Block). TRK can act as a
- client as well as a server. In this case we 're talking about TRK as a
- client.<br>
- <br>
- Let 's say you have a running windows machine and you 've configured it
- to share "myshare". If you have not configured a share, you can connect
- to the c$ hidden share, but then you need to deactivate "Use simple
- simple filesharing" in the folder options of your Windows explorer. But
- let us take the "myshare" share.<br>
- <br>
- For the ease of use, it 's a good thing to create a user on your
- Windows machine called "root", give him a password and make it an
- administrator. But that 's not really necessary, you can also use the
- local "administrator" account, this will just require you to add a
- parameter to the mount command.<br>
- <br>
- Let 's take the case of the "myshare" share, your Windows pc has
- 10.0.0.5 as ip-address (always faster to just point to the ip-address
- instead of the name) and you 've created a local user called root. Then
- here 's the command: 'mount //10.0.0.5/myshare /mnt0'<br>
- <br>
- You will get prompted for a password in if no output is given, your
- share should appear under /mnt0. Make sure "myshare" has enough
- permissions for the user "root"<br>
- <br>
- If you don't want to create a user, you don 't want to create a share
- and you did disable simple filesharing (or your windows machine is
- member of a domain), you can go ahead like this:<br>
- 'mount -o username=administrator //10.0.0.5/c$ /mnt0' , which will
- prompt for the password an give you the credentials of "administrator".
- You can already pass the password (e.g. blahblah) in the commandline if
- nobody is looking over your shoulder: 'mount -o
- username=administrator,password=blahblah //10.0.0.5/c$ /mnt0'<br>
- <br>
- Below is a screenshot of a Windows PC that has opened the disk of a remote TRK booted machine.</p>
- <p><br>
- <img alt="" src="helpdocs_files/fileserver-explorer.png" height="600" hspace="5" width="800"></p>
- <p> </p>
- <p> </p><br><a name="M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K" ="" id="M69SKN1KBY3NSX3XG2DPJ306MHH6EL0SIZ9UD05EPYT7K"></a><h1>1.4 Reading information about your PC (dmesg, /proc/partitions)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>Let 's summarize a little what 's already been said and look at reading info on your computer.<br>
- <br>
- -<strong>/proc</strong><br>
- <br>
- Standard Linux always has a filesystem called "proc", which is a
- virtual filesystem in which files reside that have to do with your
- hardware and running processes. It 's a wonderful invention. We already
- talked about /proc/partitions, which is a file containing all local
- disk partitions.<br>
- <br>
- Another interesting file is /proc/cpuinfo, which gives you information about your CPUs<br>
- <br>
- /proc/meminfo gives you information about the memory usage. Don 't let
- yourself get misled by the Memfree line, which will always look very
- low. Actually, Linux always reserves most part of the memory so it can
- make use of it in a fast way. What you need to look at is the Active
- and Inactive. The maximum amount of memory you will see will never be
- more than 4Gb, since the TRK kernel needs to keep maximum compatibility<br>
- <br>
- Another useful file to read info on your cdrom drive is /proc/sys/dev/cdrom/info.<br>
- <br>
- Those are about the important files in /proc you need to know about now.<br>
- <br>
- -<strong>dmesg</strong><br>
- <br>
- The command "dmesg" gives you your kernel messages. Any hardware
- detected will give you a message somewhere in the output of this
- command. If you want to know the type of network card that has been
- detected, perform 'dmesg|more' and look for any mentions of eth0,
- eth1,...<br>
- <br>
- What type of harddisk controller you have: dmesg. Just use it when you
- find yourself stuck on hardware questions. Also disk failures will be
- visible with this command. Network errors, link down, etc, one command.<br>
- <br>
- Another way of looking at this information is through /var/log/messages
- (more /var/log/messages), which on normal Linux distributions contain
- output logs of previous boots too.<br>
- <br>
- To know what device your newly inserted USB stick has, plug it in, let
- it settle for a few seconds and then run dmesg again. Or just run
- 'dmesg|tail' to see only the last added lines.<br>
- Here 's an excerpt of what you might read from dmesg. It tells you something about your network card:<br>
- <font face="Courier New"><font size="2">eepro100.c:v1.09j-t 9/29/99 Donald Becker http://www.scyld.com/network/eepro100.html<br>
- eepro100.c: $Revision: 1.36 $ 2000/11/17 Modified by Andrey V. Savochkin <saw@saw.sw.com.sg> and others<br>
- ACPI: PCI Interrupt 0000:05:08.0[A] -> GSI 20 (level, low) -> IRQ 16<br>
- eth0: OEM i82557/i82558 10/100 Ethernet, 00:08:02:C6:4E:9D, IRQ 16.<br>
- Board assembly 262285-001, Physical connectors present: RJ45<br>
- Primary interface chip i82555 PHY #1.<br>
- General self-test: passed.<br>
- Serial sub-system self-test: passed.<br>
- Internal registers self-test: passed.<br>
- ROM checksum self-test: passed (0x04f4518b).</font></font><br>
- <br>
- -<strong>lspci and lsusb</strong><br>
- <br>
- This gives you any information on what 's on your PCI and respectively
- USB bus. This doesn 't only mean what 's in your PCI slots, but
- everything on the bus, so also onboard ethernet and usb controllers.
- </p>
- <p>
- <strong>-lshw</strong>
- </p>
- <p>Now here 's a great utility that can give you a complete listing of
- all your hardware, recognised and not recognised. When you run it, it
- will give you a LOT of output, so best here is to run it 'lshw |
- more', or if you only need specific info about f.i. disk drives, you
- can run 'lshw -C DISK'. Getting the info off your TRK can be done
- directly to the interweb (provided your network card got detected) by
- running 'lshw | wgetpaste', which will publish the output on
- http://pastebin.ca and return you a short url to where it can be found.</p>
- <p>
- <br>
- -<strong>smartctl</strong><br>
- <br>
- The smartmontools are part of Trinity Rescue Kit and not so common on
- normal Linux systems, yet they are a valuable addition to any system.
- What it does is read the s.m.a.r.t. information of disk drives so you
- can know when errors start to occur.<br>
- <br>
- Just use it like this: 'smartctl -a /dev/sda' where sda is your first
- scsi or sata drive. Make sure smart is enabled in the computer's bios.<br>
- <br>
- -<strong>acpi and acpitool</strong><br>
- <br>
- Two tools to read the battery and thermal information of your computer. Type acpi --help to get more info on possible options.<br>
- <br>
- acpitool can give you much more information like fan speeds and cpu.
- Also certain laptop types are supported for their special features like
- brigthness on Asus laptops etc...<br>
- <br>
- -<strong>df and du</strong><br>
- <br>
- Two standard utils provided in Linux. df shows you the usage of your
- mounted filesystems, du shows you the usage of a specific folder. Use
- it like 'df -h' and 'du -h' where "-h" stands for "human readable",
- making the output rounded to mega- and gigabytes.<br>
- This is in short how you can get to know your computer a little and how to jumpstart using Linux and Trinity Rescue Kit.<br>
- <br>
- <strong>-lshw</strong><br>
- <br>
- Recently recommended and added, but looks very promising, lshw gives
- you a complete list of all your hardware in your computer. Best to pipe
- this to a file, because the list can get long.
- </p>
- <p> </p><br><a name="QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH" ="" id="QBRDPTSD001QIT0CN3AHZ75WRJKLINJYQ024JJ8A9ZQIH"></a><h1>2. TRK own commands and utils</h1><p>Let 's look at the added value of Trinity Rescue Kit, with its own specific commands and utils.</p><br><a name="XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T" ="" id="XFPUBF4W6TFSCHXH5RXKMFAR0BVLGLR3S6NTBHF71KQ3T"></a><h1>2.1 Virusscan</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H1 { margin-bottom: 0.08in }
- H1.western { font-family: "Times New Roman", serif }
- H1.cjk { font-family: "Bitstream Vera Sans" }
- H1.ctl { font-family: "Bitstream Vera Sans" }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p>
- <p>Virusscan is a script that actually wraps 5 different virusscanners into one. <br>
- Only one of them is actually included on the TRK cd (Clamav), the others are downloaded from their website upon usage.</p>
- <p>When running virusscan, it is highly recommended that your computer
- has a decent internet connection so you can get the latest virus
- signatures.</p>
- <h2>Scan engines</h2>
- <p style="margin-bottom: 0in;">Currently, 5 AV engines and md5 file checksumming are implemented.</p>
- <h3>-ClamAV</h3>
- <p>This is the basic engine provided and is already preinstalled on
- TRK. It is very effective on mailservers but is quite slow and tends to
- crash when used as a commandline scanner. It also focuses more on
- mailworms and, from experience, has less effectiveness for local viri.
- Clamav is the only GPL licensed AV engine implemented. All others have
- some sort of free-for-non-commercial-use license and are closed source.
- The pros of Clamav are: <br>
- * very quick on new virus outbreaks <br>
- * included in TRK <br>
- * GPL licensed, so free for everyone <br>
- The cons: <br>
- * slow and very CPU and memory intensive <br>
- * detects the least viri of the 5 scanners in virusscan. <br>
- <br>
- Because it's in fact a mailserver scanner, it will focus more on worms
- than on filth that comes from malicious websites and such. <br>
- * cannot disinfect inside files on its own. What is done in this case
- is quarantine the infected files into a tar.gz archive in
- <scandestination>/TRK-INFECTED/. Should a file be accidentally
- deleted, you can recover it afterwards and rescan it with another
- antivirustool</p>
- <h3>-F-Prot</h3>
- <p>This antivirus tool and all the others are not included in TRK but
- get downloaded from the Internet as soon as you call upon them. They
- disappear after a reboot of TRK. If you want them to be available after
- a reboot, you have to run updatetrk. This will be explained later in
- this documentation. The pros of F-prot: <br>
- * lightweight, not a big download <br>
- * pretty fast, low cpu usage <br>
- * good disinfection method <br>
- The cons: <br>
- * does not detect everything <br>
- * their website sometimes fails and download of f-prot is aborted</p>
- <h3>-BitDefender Scanner</h3>
- <p>It has a good average between filesize, cpu/memory load and
- virusdetection. It can detect many different types of malware. From
- what has been experienced so far, it may detect other viri and malware
- than the other 4. It's recommended to sweep with this after another one
- has already run. <br>
- Pros of BitDefender Scanner: <br>
- * detects quite some viri <br>
- * pretty fast <br>
- * detects alternate malware <br>
- Cons: <br>
- * sometimes doesn't detect very common viri <br>
- * slow update process</p>
- <h3>-Vexira</h3>
- <p>This AV engine hasn't been tested so much, but it looks like a good average AV engine.</p>
- <h3>-Avast</h3>
- <p>Avast is the latest addition to virusscan (and replaces Grisoft AVG
- because AVG lacks cleaning support in its new version). Avast is a
- great AV on Windows, very lightweight, but has not been tested in depth
- yet on Linux/TRK. <br>
- For this particular AV engine you need a registered, free license key which is sent to you by mail. <br>
- Get it at <a href="http://www.avast.com/registration-free-antivirus.php">http://www.avast.com/registration-free-antivirus.php</a> <br>
- If you want to avoid entering the license key each time, it's recommened to run updatetrk</p>
- <h3>-MD5</h3>
- <p>This is not an antivirus engine but just reads all of your files and
- makes md5sums of it. It writes the result to a logfile in the same way
- like it does for an AV engine. The logfile format is: modification
- seconds since 1-1-1970 <space> md5sum <space> filepath.</p>
- <p> </p>
- <p>To get complete and up to date info, please check out the online version of the manpage for virusscan: <a href="http://trinityhome.org/manpages/man8/virusscan.8.html">http://trinityhome.org/manpages/man8/virusscan.8.html</a></p>
- <p><br>
- </p>
- <p> </p><br><a name="HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW" ="" id="HW79FF1ZME1FBEY6DVXDG60JAJVNKK6T64SB9I0MMSSPW"></a><h1>2.2 Winpass and regedit</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p>
- <p style="margin-bottom: 0in;">Winpass is a bash wrapper script for <strong>chntpw </strong>supplied with Trinity Rescue Kit that resets MS Windows NT based local passwords.</p>
- <p>By default winpass without any arguments will reset the builtin
- administrator account of a locally installed Windows, but you can
- specify other accounts as well at the commandline. In fact, you can add
- any parameter from chntpw which will be parsed to the commandline. So
- winpass -l will list all usernames found in the SAM (=Windows user and
- password database). Should you have troubles that metacharacters are
- present in the username (such as the Ø or something), you can still
- use the HEX reference to the username listed next to it. Be sure to
- prepend that with a '0x'. More info on that can be found in the chntpw
- manual.</p>
- <p>Winpass does not reset any Active Directory passwords</p>
- <dl>
- <dt>-l</dt>
- <dd> list usernames contained in the SAM of the local computer and exit </dd>
- <dt> -i</dt>
- <dd> interactively run chntpw. This option lists the local usernames and gives you the option to choose from them </dd>
- <dt> -e, regedit</dt>
- <dd> run as registry editor. To get a list of commands in the editor, type "?" </dd>
- <dt> -u "username"</dt>
- <dd>
- optional username if the user you wish to reset is not "Administrator".
- Be sure to add quotes for the username if it contains whitespaces </dd>
- <dt> --restore</dt>
- <dd style="margin-bottom: 0.2in;">
- restore the original SAM file, thus restoring the original
- password/user situation from before the first time winpass was ever
- run. Should you somehow have messed up the user accounts, you can go
- back to the original situation with this option. Since build 338 the
- option to overwrite the backup when winpass is run multiple times has
- been disabled to prevent yes-men users answering yes to every question
- being asked. Removing the backup must now be done manually. You can
- find it in general under /sda1/WINDOWS/system32/config/SAM </dd>
- </dl>
- <p> </p>
- <h2>Example:</h2>
- <p>Here's an example of resetting the password for user "John Doe". Note the double quotes around the username.</p>
- <p>[root@trk]:(~)# <b>winpass -u "John Doe"</b> <br>
- Searching and mounting all filesystems on local machine <br>
- Remounting NTFS partitions with ntfs-3g <br>
- Result of mounting: <br>
- /dev/hda1 on /hda1 type fuseblk (rw,allow_other,blksize=4096) <br>
- Windows NT/2K/XP installation(s) found in: <br>
- 1: /hda1/WINDOWS <br>
- Make your choice or 'q' to quit [1]: <b>1</b> <br>
- Ok, continue <br>
- chntpw version 0.99.6 080526 (sixtyfour), (c) Petter N Hagen <br>
- Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM> <br>
- ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <br>
- Page at 0x8000 is not 'hbin', assuming file contains garbage at end <br>
- File size 262144 [40000] bytes, containing 7 pages (+ 1 headerpage) <br>
- Used for data: 317/24808 blocks/bytes, unused: 6/3640 blocks/bytes.</p>
- <p><br>
- Hive <SECURITY> name (from header): <\SystemRoot\System32\Config\SECURITY> <br>
- ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <br>
- Page at 0x10000 is not 'hbin', assuming file contains garbage at end <br>
- File size 262144 [40000] bytes, containing 15 pages (+ 1 headerpage) <br>
- Used for data: 1108/53920 blocks/bytes, unused: 11/7040 blocks/bytes.</p>
- <p><br>
- </p>
- <p><br>
- * SAM policy limits: <br>
- Failed logins before lockout is: 3 <br>
- Minimum password length : 7 <br>
- Password history count : 7 <br>
- | RID -|---------- Username ------------| Admin? |- Lock? --| <br>
- | 01f4 | Administrator | ADMIN | | <br>
- | 03eb | ASPNET | ADMIN | | <br>
- | 01f5 | Guest | ADMIN | dis/lock | <br>
- | 03e8 | HelpAssistant | | dis/lock | <br>
- | 03f0 | John Doe | ADMIN | | <br>
- | 03ea | SUPPORT_388945a0 | | dis/lock |</p>
- <p><br>
- ---------------------> SYSKEY CHECK <----------------------- <br>
- SYSTEM SecureBoot : -1 -> Not Set (not installed, good!) <br>
- SAM Account\F : 1 -> key-in-registry <br>
- SECURITY PolSecretEncryptionKey: 1 -> key-in-registry <br>
- Syskey not installed!</p>
- <p><br>
- RID : 1008 [03f0] <br>
- Username: John Doe <br>
- fullname: John Doe <br>
- comment : <br>
- homedir :</p>
- <p><br>
- User is member of 2 groups: <br>
- 00000221 = Users (which has 4 members) <br>
- 00000220 = Administrators (which has 7 members)</p>
- <p><br>
- Account bits: 0x0010 = <br>
- [ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. | <br>
- [ ] Temp. duplicate | [X] Normal account | [ ] NMS account | <br>
- [ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act | <br>
- [ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) | <br>
- [ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |</p>
- <p><br>
- Failed login count: 0, while max tries is: 3 <br>
- Total login count: 0</p>
- <p><br>
- - - - - User Edit Menu: <br>
- <br>
- 1-Clear(blank)userpassword <br>
- <br>
- 2-Edit(setnew)userpassword(carefulwiththisonXPorVista) <br>
- <br>
- 3-Promoteuser(makeuseranadministrator) <br>
- (4 - Unlock and enable user account) [seems unlocked already] <br>
- <br>
- q-Quiteditinguser,backtouserselect <br>
- Select: [q] > <b>1</b> <br>
- Password cleared!</p>
- <p><br>
- Hives that have changed: <br>
- <br>
- #Name <br>
- <br>
- 0<SAM>-OK</p>
- <p><br>
- Backup file already exists. Not touching this file. Please be aware
- that 'winpass --restore' would restore the very original file from
- before winpass was ever run <br>
- Writing /hda1/WINDOWS/system32/config/SAM <br>
- [root@trk]:(~)#</p>
- <p style="margin-bottom: 0in;"> </p>
- <p>For the full documentation, refer to the online manpage:</p>
- <p><a href="http://trinityhome.org/manpages/man8/winpass.8.html">http://trinityhome.org/manpages/man8/winpass.8.html</a></p>
- <h2><font size="6">regedit</font></h2>
- <p>This is actually the same script as winpass, but called in this way
- it copies all registry hives and opens them (sam, security, system and
- software). Only drawback is that it cannot know which user registry to
- open, since they are located in different directories. Because chntpw
- is not scriptable, I cannot read registry hives from a shell script to
- determine the location of userhives.<br>
- <br>
- Once running, refer to the <a href="http://home.eunet.no/pnordahl/ntpasswd/faq.html">documentation of chntpw/regedit</a> on how to use it.<br>
- <br>
- <br>
- </p>
- <p> </p><br><a name="SI14T7V9WN984HEA7MUC0E8RMGDSNVN63F0LCLKYZKWTS" ="" id="SI14T7V9WN984HEA7MUC0E8RMGDSNVN63F0LCLKYZKWTS"></a><h1>2.3 Mass Clone: a multicast disk cloning tool</h1><p>
- <style type="text/css">
- <!--{12802443353150}-->
- </style>
- </p>
- <p style="margin-bottom: 0in;">Mclone or Mass Clone is a utility that creates and distributes harddisk images over the network via multicast. <br>
- It is very fast since it uses only one network packet for an infinite
- number of receivers. On a 100mbit switch it will average at about
- 93mbit. The only limitation here is the speed of the network, disk or
- cpu. <br>
- Main features: <br>
- -make exact copies of any operating system <br>
- -optimized for Windows XP/Vista/Seven imaging using ntfsclone. Other filesystems are copied with dd <br>
- -fast and scalable <br>
- -save to image and restore from image (to multicast) with optional 3 compression algorythms (gzip, bzip2 and 7-zip) <br>
- -restore original bootsector/ntfs c/h/s values. An old bug in many
- BIOSes sometimes gave wrong values for Cylinders/Heads/Sectors count.
- Although CHS is an old method for assigning disk geometry (LBA should
- be used), Windows XP and family still use it to assign addressing of
- their bootcode. Recent Linux kernels discard wrong C/H/S values and set
- it to the LBA values. This resulted sometimes in unbootable cloned
- Windows machines (the blinking cursor nightmare). Recently a patched
- version of relocntfs appeared (now called ntfsreloc) which is able to
- "force" original C/H/S values into your NTFS. Mclone does it
- automatically for you. Major feature over other cloning tools. <br>
- -run up to 50 different sessions separately over your LAN <br>
- -optional speed limitation. Just so your LAN doesn't get saturated. <br>
- -option to specify disks/partitions instead of just everything automatically <br>
- -option to skip bootsector <br>
- -option to skip C/H/S check</p>
- <p>Since TRK is network bootable from another TRK without any
- modifications to your LAN's config, you could just boot one TRK from
- CD/usb stick, boot all your other computers over the network and run
- mclone on all of them.</p>
- <p>An average image of about 4Gb on a 100mbit network is cloned in about 7 minutes</p>
- <h2>USAGE</h2>
- <p>In short: the computer to be cloned (the sender) runs 'mclone -s', all others run 'mclone' (the receivers). <br>
- Once all computers are ready and waiting, just press enter on one of them and cloning begins.</p>
- <p>You can also save to an image file. The computer that will save the image as a set of files runs mclone with the option -o. <br>
- For example:</p>
- <p>mclone -o standard-xp-install</p>
- <p>will save an uncompressed image to "standard-xp-install", creating
- it as a directory in the current directory if it does not exist. <br>
- The command:</p>
- <p>mclone -C 7-zip -o standard-xp-install</p>
- <p>will add 7-zip compression to the image. But beware of compression.
- I've noticed that gzip is the only compressor that doesn't eat too much
- of your CPU so not to lose transfer speed. If size is more important to
- you, use bzip2 or 7-zip <br>
- In all of these cases you run 'mclone -s' on the computer from which you wish to create an image. (The Sender.) <br>
- Restoring from this recently created image is done with:</p>
- <p>mclone -i standard-xp-install</p>
- <p>No need to specify the compression anymore, mclone will use the correct decompressor. <br>
- So remember: <br>
- -o mode and 'mclone' without arguments is a receiving mode, so the
- other side must run mclone -s (sender mode) -i and -s mode are sender
- mode, the other side runs 'mclone' as a receiver</p>
- <p>Here are all the options that you can specify.</p>
- <p>The command: mclone without any arguments runs in client mode, meaning it will RECEIVE an image from a sender</p>
- <dl>
- <dt>-s</dt>
- <dd> SENDER mode. This mode will send the contents of the local harddisks to listening clients <br>
- e.g.: The sender runs 'mclone -s', the clients run 'mclone'. The sender will clone a one to many copy of itself </dd>
- <dt> -o <path-to-image> </dt>
- <dd>
- This mode is a RECEIVER mode that stores an image from a sender to
- image files in the path specified by the argument 'path-to-image' <br>
- e.g.: 'mclone -o /data/xp-image'. Note: the dir does not need to exist,
- but please erase it if an image is already in there. </dd>
- <dt> -i <path-to-image></dt>
- <dd style="margin-bottom: 0.2in;"> This is a SENDER mode that sends an image to clients. You first need to have an image created with mclone -o of course. </dd>
- <dd style="margin-bottom: 0.2in;"> e.g.: 'mclone -i /data/xp-image' </dd>
- <dt> -n <session number></dt>
- <dd style="margin-bottom: 0.2in;"> Specify as many as 50 sessions when performing multiple cloning. Client and sender need to specify the same number </dd>
- <dd style="margin-bottom: 0.2in;"> e.g.: 'mclone -n 5' for client, 'mclone -s -n 5' for sender </dd>
- <dt> -h</dt>
- <dd style="margin-bottom: 0.2in;"> short help screen </dd>
- <dt style="margin-bottom: 0.2in;"> Optional arguments <b>ONLY FROM SENDER MODE</b>:</dt>
- <dt> -d <disks></dt>
- <dd> Skip disk detection and specify your own (comma separated if more than one). Only valid for SENDER mode (-s). <br>
- e.g.: 'mclone -s -d /dev/sda,/dev/sdc' </dd>
- <dt> -p <partitions></dt>
- <dd> Skip partition detection and specify your own (comma separated if more than one.) Only valid for SENDER mode (-s). <br>
- e.g.: 'mclone -s -p /dev/sda1,/dev/sda2' </dd>
- <dt> -c</dt>
- <dd>
- Skip C/H/S check. This should not be necessary, but if you run into
- troubles with booting, it might help, although the opposite is more
- likely to be true </dd>
- <dt> -b</dt>
- <dd> Skip save bootsector. Should you not want to overwrite your bootsector, add this parameter. </dd>
- <dt> -t <timeout></dt>
- <dd>
- set the timeout between the first client to connect and the last one to
- ride the train. This option is only used during actual image creation.
- Default is 10 seconds. </dd>
- <dt> -r <bitrate></dt>
- <dd style="margin-bottom: 0.2in;">
- Set the maximum bitrate. Set it in kilobit (k) or megabit (m). This is
- recommended when you are on a shared lan, because mclone will eat all
- the available bandwidth. <br>
- e.g.: 'mclone -s -r 80m' sets a maximum of 80 megabit or 10 megabytes per second (which is ok on a 100mbit switch) </dd>
- <dt> Optional arguments for <b>IMAGE SAVE MODE</b></dt>
- <dt> -w</dt>
- <dd>
- Use network compression. This option uses more CPU but saves bandwidth
- on your network. Use only on powerful machines. This option is
- permanent when you store to an image file, i.e. when enabled at image
- creation it will always be used during restore. </dd>
- <dt> -C <compressor></dt>
- <dd style="margin-bottom: 0.2in;">
- Save your image with compression. 3 compression methods are available
- (specified as written here): gzip, bzip2 and 7-zip e.g.: 'mclone -o
- /data/xp-image -C gzip' </dd>
- </dl>
- <p>
- <style type="text/css">
- <!--{12802443353151}-->
- </style>
- </p>
- <p>For the full documentation, refer to the online manpage:</p>
- <p><a href="http://trinityhome.org/manpages/man8/mclone.8.html">http://trinityhome.org/manpages/man8/mclone.8.html</a></p><br><a name="VZX1W3W6015LZRZ127YCKFJS9LX59AAU0YKLR6IHYETNW" ="" id="VZX1W3W6015LZRZ127YCKFJS9LX59AAU0YKLR6IHYETNW"></a><h1>2.4 Winclean</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>With winclean you can easily clean out unnecessary files, such as
- tempfiles or the contents of recycle bins, from a Windows based
- computer. <br>
- This utility will call upon mountallfs to search for all local filesystems. <br>
- It can clean several types of (practically) useless files. <br>
- The file location types are: <br>
- -Tempfiles from every user, located in %TEMP% (e.g.
- C:\Documents and Settings\Username\Local Settings\Temp)
- and Temporary Internet Files from Internet Explorer. The contents of
- the folder C:\Windows\Temp is also cleaned out. <br>
- -Recycle Bins (of all users) can be emptied as well <br>
- -Uninstall files from cumulative patches and service packs. <br>
- This is only valid for Windows XP (and 2000), not Vista or Seven (there
- it's interweaved in WinSXS and is too dangerous to touch). The removal
- of these redundant files can provide a significant performance increase
- since a lot of directory enumeration is done in the Windows system
- folder and the more files and folders there are, the slower it becomes.
- These folders are hidden by default in Windows explorer and are named
- similar to $Uninstall-KB123456$ for example. <br>
- -Dllcache: C:\Windows\system32\dllcache can contain more than 1000 files and take up several hundreds of megabytes. <br>
- This folder has little use if your machine is running as it should. <br>
- -Hanging printerjobs: sometimes spoolfiles are corrupt, or a printer
- has been physically removed for a long time or a spooljob is hundreds
- if not thousands of megabytes in size because someone tried to print a
- 10 megapixel picture of 1200dpi. <br>
- Winclean can remove all pending jobs. <br>
- -Java cache: The cache files of java applications can take up hundreds
- of megabytes, sometimes even more. These can be safely deleted. <br>
- This option is currently only for Sun Java. </p>
- <h2>USAGE</h2>
- <p>winclean -d <destination mount point> -s <value> -v -R -f -a -t -r -u -c -p -j <br>
- where: <br>
- -d <destination mount point>: if not specified, mountallfs will be called <br>
- -s <value>: safe deletion of only tempfiles older than <value> days. <br>
- -v: verbose deletion of files <br>
- -R: report first which files could be deleted <br>
- -f: force continue without prompting <br>
- -a: clean all categories or... <br>
- -t: tempfiles <br>
- -r: recycle bins <br>
- -u: remove uninstall patches information <br>
- -c: Windows dllcache <br>
- -p: hanging printerjobs <br>
- -j: java cache</p>
- <p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>For the full documentation, refer to the online manpage: </p>
- <p><a href="http://trinityhome.org/manpages/man8/winclean.8.html">http://trinityhome.org/manpages/man8/winclean.8.html</a></p><br><a name="TTVJRRE5QQRJBVB2F61R719J0CHFRFVAZGJFXPBD4SM6D" ="" id="TTVJRRE5QQRJBVB2F61R719J0CHFRFVAZGJFXPBD4SM6D"></a><h1>2.5 Mountallfs</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>This script is about the most handy addon to TRK. It 's a script
- that scans all local storage devices and mounts their filesystems to a
- standard mountpoint, nl. the name of its device name.<br>
- <br>
- mountallfs is a script that searches all local partitions on all local
- drives for any filesystem and tries to mount it. It supports all kernel
- based filesystems as well as fuse-ntfs and ntfs-3g. Furthermore it has
- support for LVM volumes. Currently it also supports pseudo-hardware
- raid volumes found on many desktop sata controllers. umountallfs is its
- counterpart and unmounts all filesystems mounted by mountallfs. Always
- run umountallfs before resetting your computer if you don't intend to
- do a clean shutdown.</p>
- <dl>
- <dt>-g</dt>
- <dd> Mount your ntfs filesystems with the <b>ntfs-3g</b>
- driver. This is the default behavior since build 338 because it allows
- full read/write support on ntfs drives. Performancewise it has much
- more cpu overhead than the kernel based ntfs driver. Most modern PCs
- shouldn't have too many problems with it however. Please note that the
- mount result will mark the ntfs filesystems mounted as 'fuseblk', since
- this is a userland driver which interfaces with the kernel fuse module.
- </dd>
- <dt> -f</dt>
- <dd> Mount your ntfs filesystems with the <b>ntfsmount fuse</b>
- driver. This is somewhat the predecessor to ntfs-3g (hence ntfs-3g is
- the third generation ntfs driver). This fuse option has more limited
- write support than ntfs-3g and is deprecated over ntfs-3g. The mount
- result also shows as being mounted as 'fuseblk'. </dd>
- <dt> -k</dt>
- <dd> Mount your ntfs filesystems with the <b>kernel ntfs</b>
- driver. This is a read-only driver but uses less CPU resources and so
- has better performance. This was the default behavior before build 338
- and is now a new option. </dd>
- <dt> -l</dt>
- <dd> Activate
- Logical Volume Management. This option is for computers with LVM
- volumes and pseudo-hardware raid controllers. If you have such a
- pseudo-hardware raid controller and you configured your disks in mirror
- mode, ALWAYS use this option before doing any operation on your disk
- because otherwise each mirror member might get mounted separately and
- you <b>WILL</b> corrupt your filesystem on it. Default behavior for this option is also to mount ntfs volumes with ntfs-3g. </dd>
- <dt> -q | --quiet</dt>
- <dd style="margin-bottom: 0.2in;"> Do not display any output from the mount result. </dd>
- </dl>
- <p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>For the full documentation, refer to the online manpage:</p>
- <a href="http://trinityhome.org/manpages/man8/mountallfs.8.html">http://trinityhome.org/manpages/man8/mountallfs.8.html </a><p></p>
- <h2>REMARKS</h2>
- <p>-If your filesystems were not found it might either mean they were
- too corrupted to mount or your disk controller was not detected by TRK.
- You might try more (scsi) drivers by typing 'tryscsi'. This is more the
- case on servers with more advanced disk controllers. However, 'tryscsi'
- might freeze your machine. Be warned! <br>
- -Mountallfs might also warn you that your ntfs volumes have been
- dismounted improperly. This is most likely the case when a Windows
- session was shutdown improperly. Mountallfs will prompt you to
- forcemount the ntfs volume, which invokes an ntfsfix and triggers a
- chkdsk at next reboot into Windows. Please, let this chkdsk run. It
- will solve about half of the possible problems that might occur on your
- ntfs volumes. <br>
- -Another thing you might encounter is that the volume (Windows) is
- hibernated and a hiberfil.sys is present. In that case you will be
- prompted to either remove the hiberfil.sys and forcemount the drive or
- leave it alone. Mounting the drive and leaving the hiberfil.sys could
- corrupt your Windows and make it crash when you resume from
- hibernation. <br>
- -/etc/mountallfstab is the separate config file mountallfs keeps after
- mounting. It uses it for umountallfs to unmount all the volumes
- previously mounted by mountallfs. Umountallfs also does a test that
- there are no more open processes on the volumes (most of the times your
- working directory of your shell). However, it does not take into
- account any mountpoints under your mountallfs mounted volumes. So you
- need to take care of those manually.</p>
- <h2>EXAMPLES</h2>
- <p>Command:'mountallfs -l' searches for LVM volumes and mounts the filesystems inside them.</p>
- <dl>
- <dt style="margin-bottom: 0.2in;">Command:'mountallfs' without any option mounts all filesystems and remounts ntfs filesystems with ntfs-3g</dt>
- </dl>
- <p> </p><br><a name="HH1WPPJEI4DHJTAHXPSYR3637JMCUVX22NNH2YLBSPI18" ="" id="HH1WPPJEI4DHJTAHXPSYR3637JMCUVX22NNH2YLBSPI18"></a><h1>2.6 Updatetrk</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>Trinity Rescue Kit is able to <strong>update itself or better said, add features </strong>through
- the script 'updatetrk'. This requires decent Internet connectivity,
- direct, over a router or via a proxy server (in that case, run '.
- setproxy' first)<br>
- <br>
- The script is very simple to handle:<br>
- Suppose you 've booted from a PC with a Windows XP (2K or NT is also good), you can run updatetrk without any option.<br>
- Since TRK 3.4, updatetrk uses a script called 'getswap' which looks for
- extra virtual memory on local swap partitions and Windows pagefile.sys<br>
- <br>
- Updatetrk fetches external third party, non GPL software (fetches and
- updates all AV engines for virusscan) and creates a new TRK isofile or
- updates your TRK USB stick. It also saves any changes you made to your
- running copy of TRK. It allows you to install tarballs and even rpms
- and have it saved for the next time you run TRK. An example of such
- software is IBM Tivoli Storage Manager client. Adding this software to
- TRK allows you to do offline backup/restores from a TSM server. <br>
- Updatetrk can create a new isofile which you can burn or directly
- update your USB bootmedium. Given that you run TRK on a computer that
- normally runs Windows, it will use the pagefile.sys as extra swapspace
- on which to create its new image. </p>
- <h2>USAGE</h2>
- <p>updatetrk -b [BUILDTARGET] -i [TARGETISOFILE] (or) -u [TARGETUSBDEVICE] -s -a avs,bde,clam,fprot,va -f</p>
- <dl>
- <dt>-b [BUILDTARGET]</dt>
- <dd> Build location where
- intermediate files can be stored. Should be at least 1100mb. Make sure
- no other files reside in that location, as they will be included as
- well. If no build target is given, a script called 'getswap' will be
- invoked which will search for swap partitions and Windows pagefile.sys
- files. This pagefile will be added as swapspace and extend youir
- working memory. This has no consequences for your Windows system
- afterwards. It will just be reused. </dd>
- <dt> -i [TARGETISOFILE]</dt>
- <dd>
- Target dir on which to create the isofile. There should be at least
- 350Mb free on the target. The filename will be automatically given. If
- this option is omitted, the file will be created in the same location
- as the buildtarget. If the buildtarget is omitted, it will be created
- in the temp dir of the drive containing the pagefile. In general this
- will be c:\temp under Windows. </dd>
- <dt> -u [TARGETUSBDEVICE]</dt>
- <dd style="margin-bottom: 0.2in;">
- Target USB filesystem to update. This performs a simple copy to the
- location you specified. In general this is the partition from which you
- booted TRK. </dd>
- <dd style="margin-bottom: 0.2in;"> Example 1:
- 'updatetrk -b /hda1/temp/trkbuilding/ -i /hda1/Docs/' This will use
- /hda1/temp/trkbuilding/ as construction site and create
- /hda1/Docs/trinity-rescue-kit-3.4-363u.iso </dd>
- <dd style="margin-bottom: 0.2in;">
- Example 2: 'updatetrk -u /dev/sda4' will search for a local pagefile as
- construction site and copy back the files to your USB device (or fixed
- harddisc) <br> If you specify no options at all, TRK will always be
- created on a local pagefile as an ISO in c:\temp. If no pagefile is
- found, the script will exit. If you specified a specific buildtarget,
- the files will remain there afterwards at your convenience. Remark:
- option '-i' and '-u' are not useable together. </dd>
- <dt> -s avs,bde,clam,fprot,va</dt>
- <dd style="margin-bottom: 0.2in;"> Skip the inclusion of specific AV engines+updates. The syntax speaks for itself. <br>
- If you skip all AVs, updatetrk will only apply what is currently
- already modified on your running copy. -f Force updatetrk to build,
- even if not enough tempspace is available. It is possible to assign
- more of the swapspace to /dev/shm (the default volatile temporary
- storage location of Linux). Running 'getswap -s 80' f.i. will assign
- 80% of the total memory (ram+swap) available to /dev/shm. With 'df -h'
- /dev/shm you can verify if you arrive at 1.1Gb free space on this
- location. </dd>
- <dd style="margin-left: 0.38in; text-indent: -0.36in; margin-bottom: 0.2in;"> -a<br>
- Copy contents of / (root) completely and “as is” instead of cleaning up
- and omitting certain directories. This will include logs and
- bash_history as well.</dd>
- </dl>
- <p><a name="lbAF"></a> </p>
- <h2>EXAMPLES</h2>
- <p>Example 1: 'updatetrk -b /hda1/temp/trkbuilding/ -i /hda1/Docs/'</p>
- <p>This will use /hda1/temp/trkbuilding/ as construction site and create /hda1/Docs/trinity-rescue-kit-3.4-363u.iso</p>
- <p>Example 2: 'updatetrk -u /dev/sda4'</p>
- <p>This will search for a local pagefile as construction site and copy back the files to your USB device (or fixed harddisc)</p>
- <p><a name="lbAG"></a>If you specify no options at all, TRK will always
- be created on a local pagefile as an ISO in c:\temp. If no pagefile is
- found, the script will exit. <br>
- If you specified a specific buildtarget, the files will remain there afterwards at your convenience. </p>
- <h2>REMARKS</h2>
- <p>-Option '-i' and '-u' are not useable together.</p>
- <p>-If you're behind a proxy server, run '. setproxy' first</p>
- <p>-If you're updating your running USB stick, hard <b>RESET</b> your
- computer as soon as updatetrk has finished, since the underlying
- filesystems will have changed without having been remounted.</p>
- <p>-TRK has an empty rpm database (except for 1 package that does some
- basic “provides”), meaning that almost any RPM you install will protest
- about missing dependencies. <br>
- In many cases, the binaries would work anyway. <br>
- The easiest way to test this is by installing the rpm in this way:</p>
- <p>Type the command: 'rpm -ivh --nodeps <package.rpm>'</p>
- <p>Then test it by executing the binaries. If it fails because certain
- libraries are missing, run ldd /usr/bin/mybinary and check what library
- is missing. Go and look for that library on rpmfind.net and install it.</p>
- <p>Many commercial rpms are compiled in such a way that they are
- compatible with most Linux distros. Most of them require glibc 2.2 or
- higher. TRK is glibc 2.3.4.</p>
- <p><a name="lbAH"></a>-If your CD/RW drive is currently available (booted from RAM or usb stick), you can directly record the isofile. <br>
- For a blank cd, run f.i. 'cdrecord trinity-rescue-kit.3.4-build-363u.iso' <br>
- If you still need to erase your rewritable CD, first run 'cdrecord -blank=fast'</p>
- <p><br>
- </p>
- <p><br>
- </p>
- <h2>What will 'updatetrk' do?</h2>
- <p><br>
- </p>
- <p>-First ask for license agreements to install commercial software</p>
- <p>-Then, it downloads the latest engine + virus signatures for ClamAV<br>
- <br>
- -Next, it downloads F-Prot + updates<br>
- <br>
- -As third antivirus, it fetches Avast Antivirus + updates. You will need a valid license key handy (free registration on site)<br>
- <br>
- -4<sup>th</sup> antivirusscanner is BitDefender and starts the
- installation procedure. This is BitDefender 's own install procedure,
- just follow instructions on the screen, type "accept" for the license
- agreement and leave everything to the default propositions.</p>
- <p>-The last virusscanner it fetches is Vexira. No intervention is needed here.<br>
- <br>
- -Finally, it copies the complete contents of /bin, /sbin /etc and /lib
- to your new TRK. This means that anything you modified or added in
- these directories will be included in your new TRK. This gives you an
- easy way to make small modifications/additions to TRK.</p>
- <p>After that, updatetrk recreates its /usr filesystem squashfs image.
- Since this image is orignally mounted with a pseudo read/write aufs
- over it, volatile changes will be submitted in the new squashfs image.</p>
- <p>Also the initrd is recreated and everything from /bin /sbin /etc
- /lib and /var/lib is copied to it. Logfiles and session-based changes
- are discarded, except if the option -a was added to the commandline.
- Then everything will be copied back “as is”, including bash history f.i.<br>
- <br>
- This script can be run time after time to keep your antivirus signatures up-to-date.<br>
- <br>
- When no destination parameter was given to TRK and you 're running TRK
- from CD, it will move the newly created isofile to the drive where it
- found your pagefile.sys in directory 'temp'. Most likely this will be
- C:\temp.</p>
- <p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>To get complete and up to date info, please check out the online version of the manpage:</p>
- <p></p>
- <p><a href="http://trinityhome.org/manpages/man8/updatetrk.8.html">http://trinityhome.org/manpages/man8/updatetrk.8.html</a></p>
- <p></p><br><a name="DNEHBFA6ISQPQUF15A9HX1XVYX82E8LIMQQNVRJ480INJ" ="" id="DNEHBFA6ISQPQUF15A9HX1XVYX82E8LIMQQNVRJ480INJ"></a><h1>2.7 Trk2usb</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>This utility puts your <strong>Trinity Rescue Kit to a USB stick/disk</strong>
- or even to a fixed harddisk. This is one of the two methods you can use
- to get TRK running from USB. This is also the recommended and easiest
- method of doing it. Only downside here is that you first have to burn
- the iso version of TRK to CD, boot from it and run it from there.<br>
- <br>
- When given without the noformat option, it will destroy all data on the
- destination device, create a fat filesystem in the 4th partition id of
- the disk. This gives the best compatibility with most BIOSes. <br>
- It is also possible to do a non-destructive transfer to your medium given the -n option. <br>
- The destination medium has to be at least the size of the TRK isofile. Recommended is 256Mb minimum.</p>
- <h2>USAGE</h2>
- <p>trk2usb -d [DEVICE] -s [SIZE] -n</p>
- <p>
- </p><dl>
- <dt>-d [DEVICE]</dt>
- <dd style="margin-bottom: 0.2in;">
- Specify the destination device. In case you use it without the noformat
- option, you need to give the complete disk as argument, not a
- partition. Your disk will be erased, zeroed out and formatted with one
- partition as FAT16 of maximum 1Gb as the 4th primary partition. This is
- for maximum compatibility. </dd>
- <dd style="margin-bottom: 0.2in;"> Example: trk2usb -d /dev/sdc </dd>
- <dt> -n</dt>
- <dd style="margin-bottom: 0.2in;">
- Noformat. Use this option if your device is already correctly formatted
- and you don't want to lose your data on it. This requires you to
- specify the destination as a partition. </dd>
- <dd style="margin-bottom: 0.2in;"> Example: trk2usb -n -d /dev/sdc1 </dd>
- <dt> -s</dt>
- <dd style="margin-bottom: 0.2in;">
- Optionally, you can specify the size of the destination partition in
- Mb. This allows you to add more partitions later. This option is not
- combinable with -n </dd>
- </dl>
- <p></p>
- <p>Read the full and updated manpage online here:</p>
- <p><a href="http://trinityhome.org/manpages/man8/trk2usb.8.html">http://trinityhome.org/manpages/man8/trk2usb.8.html</a></p>
- <p> </p><br><a name="WM8PAWXULFITSRN0X6I1YVCLB9IA41FQDD5E0TYBZ7VGP" ="" id="WM8PAWXULFITSRN0X6I1YVCLB9IA41FQDD5E0TYBZ7VGP"></a><h1>2.8 Trk2iso</h1><p>On
- special demand, I 've created this small utility that creates an ISO
- file of your currently running TRK. It doesn 't update trk, it just
- creates an isofile in the current directory from where the command was
- launched. Here 's how to use it best:<br>
- 'mountallfs -g' => suppose /dev/hda1 is your ntfs c:-drive<br>
- 'mkdir /hda1/temp'<br>
- 'cd /hda1/temp'<br>
- 'trk2iso'<br>
- <br>
- Once the isofile created, you can reburn TRK to CD.</p><br><a name="EGNT0M1F9DJ7XUB34LIEU8DXZVGDWEW0K9IAMAFLDQJ09" ="" id="EGNT0M1F9DJ7XUB34LIEU8DXZVGDWEW0K9IAMAFLDQJ09"></a><h1>2.9 Fileserver</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>In short: <strong>share your drives like a windows fileserver</strong><br>
- Fileserver is a bash script that calls mountallfs and creates Windows
- fileshares from your mountallfs mounted volumes. It can run in
- guest-mode or user secured mode. It can optionally also run read-only. <br>
- The default netbios name will be "TRKSRV" and the workgroup will be
- "WORKGROUP". The server will not register in any WINS or DNS servers,
- so for it to appear in your network neighbourhood might take some time
- because it will use broadcast. <br>
- For quick access to it from an external PC running Windows, it's
- recommended to go to start => run (or "Start Search" in Vista or
- Seven) and type \\1.2.3.4 where 1.2.3.4 is the ip-address of your TRK.
- Fileserver mentions the ip-address in green when it starts. Fileserver
- calls mountallfs to search and mount all local filesystems.</p>
- <p>Fileserver can be called in two modes: in <strong>secured</strong> or in <strong>guest </strong>mode (+ optionally read-only mode)<br>
- <br>
- -<strong>Secured mode</strong> is invoked with the command 'fileserver -s'<br>
- This will prompt your for adding a user and a password that will have
- access to your files remotely. Just follow instructions. Here 's how
- the output would be if you ran it<br>
- <br>
- <font face="Courier New">Starting a username/password secured Samba fileserver and sharing all local filesystems<br>
- Enter a username which will be created to have access to your local files:<br>
- New SMB password:<br>
- Retype new SMB password:<br>
- Added user testuser.<br>
- Mounting all your local filesystems using mountallfs -g<br>
- These are the IP-addresses your fileserver will listen to:<br>
- 192.168.81.5<br>
- Starting SMB services: [ OK ]<br>
- Starting NMB services: [ OK ]</font><br>
- <br>
- -<strong>Guest mode </strong>is invoked with the command 'fileserver -g'<br>
- Use with caution, it allows everyone with network access to the
- computer to go on the local harddiscs. Use only in a trusted
- environment with a firewall or not connected to the Internet.</p>
- <h2>USAGE</h2>
- <dl>
- <dt>-s</dt>
- <dd> Start a secured samba server, i.e. one
- that does not allow guest access. 'fileserver' will prompt you for a
- username and a password. This is the default if no arguments are given.
- </dd>
- <dt> -g</dt>
- <dd> Run a guest enabled samba server. This
- will give anyone full access to the disks of your TRK running computer.
- Use only in an environment you can trust! </dd>
- <dt> -r</dt>
- <dd> Shares are read-only. </dd>
- <dt> stop</dt>
- <dd style="margin-bottom: 0.2in;"> Stops the samba server and unmounts the local filesystems. </dd>
- </dl>
- <p><br>
- </p>
- <h2>EXAMPLE 1</h2>
- <p>TRK to TRK use of fileserver. <br>
- Suppose that we have two PCs both running TRK on the same network. <br>
- We run fileserver on one PC which tells us that its ip-address is, for example, 1.2.3.4 in green characters. <br>
- Then, from the other PC, we give the command: mount //1.2.3.4/hda1 /mnt1 ( fileserver started as guest )</p>
- <dl>
- <dt>or<br>
- </dt>
- <dt><br>
- </dt>
- <dt>mount //1.2.3.4/hda1 /mnt1 -o user=your_user_name ( secured ) A password will be requested. <br>
- </dt>
- <dt>In guest mode, just hit the Enter key <br>
- </dt>
- <dt>In secured mode, enter the applicable password and hit Enter. <br>
- </dt>
- <dt>The selected partition (in this case hda1) of the remote PC (the fileserver) can now be accessed locally as /mnt1.</dt>
- </dl>
- <h2>EXAMPLE 2</h2>
- <dl>
- <dt>TRK as seen from a Windows machine<br>
- </dt>
- <dt>Run the fileserver from the TRK 3.4 simple menu<br>
- </dt>
- <dt><br>
- </dt>
- <dt><img alt="" src="helpdocs_files/trk34_start_fileserver.png" width="[object Object]" align="middle"><br>
- </dt>
- <dt><br>
- </dt>
- <dt>On your windows machine, click Start => Run (Vista and 7 "Start" => "Search" or winkey +r)<br>
- </dt>
- <dt><br>
- </dt>
- <dt><img alt="" src="helpdocs_files/run-fileserver-unc.png" height="177" width="346" align="middle"><br>
- </dt>
- <dt><br>
- </dt>
- <dt>Browse the TRK fileserver, read and write access.<br>
- </dt>
- <dt><br>
- </dt>
- <dt><img alt="" src="helpdocs_files/fileserver-explorer.png" height="600" width="800" align="middle"><br>
- </dt>
- <dt><br>
- </dt>
- </dl>
- <p> </p><br><a name="20T4DLR6P2JZL5SVUKVM5FB7MQPKJQUCFC6INMF3FQSSK" ="" id="20T4DLR6P2JZL5SVUKVM5FB7MQPKJQUCFC6INMF3FQSSK"></a><h1>2.10 Bridge</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H1 { margin-bottom: 0.08in }
- H1.western { font-family: "Times New Roman", serif }
- H1.cjk { font-family: "Bitstream Vera Sans" }
- H1.ctl { font-family: "Bitstream Vera Sans" }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>Suppose you have a PC of which of which you like to know what
- traffic it generates. Or suppose you have a router on which you like to
- know what traffic passes by. Well, "bridge" will create you a <strong>transparent connection between ethernet cards</strong>
- that passes all traffic and on which you can start sniffing what passes
- by. You could use an old fashion hub that replicates all traffic to all
- of its ports, but nowadays that is almost inexistent, almost any cheap
- hub is in fact a switch that only replicates traffic to the port it is
- needed. In that case, put a computer with TRK in between your
- connection.<br>
- <br>
- <strong>What you need</strong><br>
- <br>
- is a computer with at least 2 network cards and the latest TRK to boot from.<br>
- <br>
- -Once the network cards are connected on both sides (on on the PC, one on the network), <strong>run 'bridge up'</strong>.
- This will setup a bridge and traffic will transparently pass from one
- side to the other. One note here which is quite important: make sure
- only 1 network card has its own ip-address, let the other one without
- (if they both have one, do an 'ifconfig eth1 down' f.i.). I will
- explain this later.<br>
- <br>
- -Now, start sniffing with tcpdump. Run it like this: 'tcpdump -i eth0'
- In this way, you see ALL traffic headers that pass by. If you need to
- filter something specific, use "grep" to get it out. F.i. you need to
- see all http traffic going to 10.0.1.20, run this: 'tcpdump -i eth0 |
- grep 10.0.1.20 | grep http'<br>
- <br>
- About the single ip-address: I have noticed that if you connect two
- network cards to the same network and let them both get an ip-address
- through dhcp (which will subsequently be addresses in the same network
- range) and afterwards connect one to a pc to start sniffing, tcpdump
- will go berzerk and no output will be shown but your TRK will give the
- impression of hanging and will not respond to a ctrl+c signal very
- quickly. After about 10 seconds, it will stop. But you will have
- noticed that sniffing doesn 't work. Well, if one card doesn 't have an
- address, this problem doesn 't occur. So leave at least one nic down.
- You can even leave both down, you don 't need an ip-address to sniff
- the network, "bridge" will bring up both cards in promiscuous mode and
- make a bridge interface "br0".<br>
- <br>
- To bring the bridge down, just type 'bridge down'</p>
- <p>Also read the online manpage on this:</p>
- <p><a href="http://trinityhome.org/manpages/man8/bridge.8.html">http://trinityhome.org/manpages/man8/bridge.8.html</a></p>
- <p></p><br><a name="PSTEW6D05PZF2FK7VHGLCYWQZWP8T538NMCAJF0FVPLMV" ="" id="PSTEW6D05PZF2FK7VHGLCYWQZWP8T538NMCAJF0FVPLMV"></a><h1>2.11 Setip</h1><p>Use this whenever you want to enter a fixed ip address for your network cards</p>
- <h2>Usage</h2>
- <p>setip <interface> | -h<br>
- This command sets the ip information of your network card(s)<br>
- Without an argument, it assumes your network card is eth0<br>
- 'setip -h' shows the help output<br>
- Here 's what the command does:<br>
- <br>
- '<font face="Courier New">setip eth1<br>
- Enter the IP-address for eth1: 10.0.0.1<br>
- Enter the subnet mask for eth1: 255.255.255.0<br>
- Enter the default gateway, <enter> for none: 10.0.0.254<br>
- Enter the IP-address of the DNS server you 'd like to use, <enter> for none: 10.0.0.3<br>
- <br>
- Setting ipaddress 10.0.0.1/255.255.255.0 on eth1<br>
- Setting default gateway to 10.0.0.254<br>
- Setting nameserver 10.0.0.3 in /etc/resolv.conf'</font></p>
- <p>Also read the online manpage on this:</p>
- <p><a href="http://trinityhome.org/manpages/man8/setip.8.html">http://trinityhome.org/manpages/man8/setip.8.html</a></p><br><a name="WU8QP3M0YGLR9XQ8V4MW69X4SZF6ZM1L701LTECHLNZLB" ="" id="WU8QP3M0YGLR9XQ8V4MW69X4SZF6ZM1L701LTECHLNZLB"></a><h1>2.12 Setproxy</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>This script prompts you for proxy server settings, should you be
- unable to go directly onto the Internet. Use it without any arguments,
- it will prompt you for proxy ip-address or hostname, proxyport (usually
- 8080) and optionally username and password (invisible). If no
- username/password is required, just leave it blank and hit enter.<br>
- <br>
- This script can also be called upon startup in the bootmenu.<br>
- <br>
- Usage: 'setproxy'<br>
- <br>
- <br>
- If you want your proxyserver to always be included, I recommend you set
- up your LAN to be "TRK-aware", explained later in this documentation.<br>
- <br>
- Setproxy sets the proxy settings for these applications:<br>
- <br>
- -wget<br>
- -links<br>
- -ClamAv<br>
- -F-prot<br>
- -BitDefender<br>
- -general http_proxy environment variable</p>
- <p>Also available for reading is the online manpage:</p>
- <p><a href="http://trinityhome.org/manpages/man8/setproxy.8.html">http://trinityhome.org/manpages/man8/setproxy.8.html</a></p>
- <p><br>
- </p>
- <p></p><br><a name="C3E9S86L5Q2DV4J2X7FRSW3NCGQ426N40T3HR0UMGLR1F" ="" id="C3E9S86L5Q2DV4J2X7FRSW3NCGQ426N40T3HR0UMGLR1F"></a><h1>2.19 Ntfsundeleteall</h1><p>This script is a simple wrapper for the utility 'ntfsundelete'<br>
- <br>
- What it does is <strong>find all deleted files on an ntfs volume and tries to recover them</strong>.
- It does this by looking for traces in the ntfs Master File Table and
- sees whether the file is still available on the disk (or partially
- overwritten). It 's a good utility that recovers your files with the
- original filename but without the relevant path in front. So to avoid
- double recovered filenames, I 've written the script so that it
- prepends the original inode (=internal number for the file on the
- filesystem) before the filename, so you always have a unique filename.
- It 's up to you to rename the files afterwards, but at least you have
- the original name in the recovered filename.<br>
- <br>
- <strong>Here 's how the script works</strong><br>
- <br>
- Suppose you have the volume /dev/hda1 in ntfs from which you wish to recover files.<br>
- Make sure this volume is NOT mounted<br>
- Prepare a place to which you can store your recovered files. Recovered
- files will never be written to the original partition from which you
- recover them because the risk exists you will overwrite other files
- that still need recovery. Let 's say you have space on a network volume
- that you 've mounted on /mnt0 (for this procedure, see the section
- "Getting around with commands"), with a subdir called "recovered"<br>
- Here 's the syntax of ntfsundeleteall: <br>
- ntfsundeleteall Device Savedir [minimum percentage] --force<br>
- <br>
- Now here 's how we do it in our example:<br>
- 'ntfsundeleteall /dev/hda1 /mnt0/recovered'<br>
- <br>
- This is very simple, this will recover any file it finds, even if only
- 1% of the file is recoverable. You 're probably not interested in that,
- because these files are most likely to be corrupt and unusable, so you
- add a parameter on the percentage you wish the file is recoverable. If
- we only want 100% recoverability, make the command like this:<br>
- <br>
- 'ntfsundeleteall /dev/hda1 /mnt0/recovered 100'<br>
- <br>
- You will see the directory /mnt0/recovered filling up with recovered files, hopefully your file is in there.<br>
- <br>
- You might have noticed the parameter "--force". This will only skip the
- check that your filesystem is ntfs, you can use this if you think your
- filesystem is so badly damaged that it won 't even be recognized
- anymore, but I doubt you will be even capable of recovering any files
- then.<br>
- <br>
- Another recommendation I can give you is Photorec. Photorec is a third
- party utility that is able to recover files in a unique way: it is
- independent of the filesystem, it just does raw read of the disk (tries
- to use as much info as it can from whatever filesystem there was on it)
- and tries to recognize known document formats to recover whatever it
- can find. Although the name implies it might only serve to recover
- pictures, it can in fact recover any kind of important document,
- including word and excel, but also file archives such as zip and tar.gz.<br>
- <br>
- The only thing you won 't get from this utility is the original
- filename, so you 'll have to sort out your recovered documents one by
- one.</p><br><a name="MFRIGTQ75RPR5IIC4TXNKUF95JATHDEUIV3PEIMA01RV9" ="" id="MFRIGTQ75RPR5IIC4TXNKUF95JATHDEUIV3PEIMA01RV9"></a><h1>2.13 Getswap</h1><p>Find
- swapspace in Windows pagefiles and swap partitions and use it as
- tempspace. This script is called upon by virusscan and updatetrk to
- find more working memory. In normal circumstances your available ram
- should suffise. </p>
- <p>Getswap will remount /dev/shm and make more shared memory available
- (in e.g. /tmp/) Sometimes you have too little RAM, so a swapdisk is a
- reasonable alternative to gain memory. </p>
- <h2>USAGE </h2>
- <p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p><p>getswap -s <SIZE in % of total memory> -d -f</p>
- <p></p>
- <p><size memory="" total="" of="" in="">-s SIZE: this parameter allows you to tweak how much of the ram will be made available for /dev/shm (=/tmp in TRK). <br>
- Sometimes you need a huge amount of tempspace. With this parameter you
- can specify the size in percentage of the total amount of memory
- (RAM+swap). Default figure is 50%. </size></p>
- <p><size memory="" total="" of="" in="">-d: disable swap usage and return to original memory situation if possible </size></p>
- <p><size memory="" total="" of="" in="">-f: force disabling even if too much tempspace is used. Will not work if the tempspace is more than 100% of the amount of RAM. <br>
- Will fail at even less. </size></p><br><a name="U49HULJB0RZJRSQX054MZS1LH8P05M7QG7X0I628MRH48" ="" id="U49HULJB0RZJRSQX054MZS1LH8P05M7QG7X0I628MRH48"></a><h1>2.14 Trinisup</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>Trinisup is a tiny utility that connects to a remote server and sets
- up a tunnel to your local TRK. It allows the TRK support team to
- connect to your TRK and share a local console, allowing full access to
- your computer. Trinisup uses ssh with a private key to connect as a
- user to the remote trinityhome.org support server. This user is not
- active until the support team has activated it. So in order to get
- help, you will first have to contact the TRK guys, who can then
- activate this user and provide assistance.</p>
- <h2>USAGE</h2>
- <p>Usage is very simple. Just run 'trinisup'. By default it maps port
- 30000 to your local port 22 (which runs an ssh server). If port 30000
- is already occupied, you can specify an alternate port as an argument
- to trinisup. <br>
- For example: 'trinisup 30001' <br>
- Once the connection is established, you will get a non-interactive message displaying that you are connected. <br>
- Hitting <enter> will disconnect this session as long as no one is
- connected to your computer. If a session is still in progress, this
- connection will only exit as soon as the session is terminated or you
- press ctrl+c <br>
- You need tcp port 443 to be open to the outside world. All other connections happen inside the tunnel.</p>
- <p>A shared local console can be accessed by tapping alt+F6</p>
- <p> </p><br><a name="FKJT61FZ5GVCPWKXWTXSLUF6CQM3YVP36YM2QSRKZCNEY" ="" id="FKJT61FZ5GVCPWKXWTXSLUF6CQM3YVP36YM2QSRKZCNEY"></a><h1>2.15 Pi - automated backup wrapper script originally for Partition Image</h1><p>Pi
- is a third party tool contributed by a few great guys (also responsible
- for the TRK menu) who wish to remain anonymous. Below is the
- (elaborate) manpage.</p>
- <h2>NAME</h2>
- <p>pi - automated backup wrapper script originally for Partition Image</p>
- <h2>SYNOPSIS</h2>
- <p>pi -c -i [CONFIG FILE] -a -k [NUMBER OF COPIES] -d </p>
- <h2>DESCRIPTION</h2>
- <p>The pi script was designed for:</p>
- <p>make possible a fully automated backup system. <br>
- facilitate the use of partimage. </p>
- <h2>OPTIONS</h2>
- <p>Type pi then <RETURN> to launch interactive mode.</p>
- <dl compact="compact">
- <dt><b>-c :</b></dt>
- <dd> <b>search a
- pi.cfg configuration file and loads it if found. If this file contains
- the parameter AUTO=1, the backup will run automatically. </b></dd>
- <dt><b>-a :</b></dt>
- <dd> <b>Starts the backup automatically (same as AUTO=1 in pi.cfg) </b></dd>
- <dt><b>-k # :</b></dt>
- <dd> <b>This option (keep) sets the number of copies of the image to be kept. See details in Section </b><i>Old backups</i> below </dd>
- <dt><b>-d :</b></dt>
- <dd> <b>debug
- mode. The backup will not be actually launched and the command that
- would have launched partimage is only displayed on the screen </b></dd>
- <dt><b>Trick :</b></dt>
- <dd> <b>If you execute pi with -c -d, you will see which partition(s) and destination are selected from the found pi.cfg file.<br>
- </b> </dd>
- </dl>
- <h2>FILES</h2>
- <dl compact="compact">
- <dt><b>pi.cfg :</b></dt>
- <dd> <b>pi can use a configuration file. This file is not needed in interactive mode. This file has two purposes : </b>
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd>
- <dl compact="compact">
- <dt><b>Add menu entries
- <dd> pi automatically creates the list of your local drives. If you want to backup to a network drive, you must add it in pi.cfg </dd>
- </b></dt>
- <dt><b>Automatic mode
- <dd>
- All selections can be set in pi.cfg and then pi can run without any
- user intervention A pi.cfg file corresponding to your backup is created
- in the destination directory each time a backup is successful. </dd>
- </b></dt>
- </dl>
- </dd>
- </dl>
- </dd>
- <dt><b>partition_info.txt :</b></dt>
- <dd> <b>Each time you make a backup, a file named </b><i>partition_info.txt</i>
- is created in the destination directory. This file contains information
- on your partitions (all partitions of all local drives, even USB disks
- or USB keys). This may be useful in case you have to repartition your
- disk after a crash. <br>
- <b>WARNING :</b> partimage is unable to
- restore an image on a partition smaller than the original partition.
- See the documentation of partimage for details. Therefore it is very
- important to know the size of the partition that an image contains.
- unpi, the complementary script of pi, will give this information but
- you can also find it in partition_info.txt. </dd>
- </dl>
- <h2>MOUNT POINT</h2>
- <p>pi mounts the backup unit you have chosen on /sysbackup </p>
- <h2>RELATED SCRIPTS</h2>
- <p>Well, you have make an image not only for the fun, you may want to restore it one day. You can use partimage or <b>unpi</b> the little brother of pi which will help you for restore in the same way that pi helps you for backup. </p>
- <h2>INTERACTIVE MODE</h2>
- <p>If the pi script is run with the <b>-c</b>
- option, and there is a pi.cfg file in the root directory of any disk in
- the machine, or in /trk/trk3/pi or in /etc/pi and all options necessary
- are set, then pi is launched automatically, using the pi.cfg
- parameters. If pi.cfg is not found or uncomplete, pi exits immediatly.</p>
- <dl compact="compact">
- <dt>*</dt>
- <dd> If the pi script is run without the <b>-c</b> option then pi is launched interactively and three successive menus ask the user to select: </dd>
- <dt>*</dt>
- <dd> The unit or units to save. </dd>
- <dt>*</dt>
- <dd> The destination disk that store the backup (local drive or network) </dd>
- <dt>*</dt>
- <dd> The destination disk list may be customized using MENU_UNIT[], MENU_LOGIN[] and MENU_PASS[] in pi.cfg file. </dd>
- <dt>*</dt>
- <dd> The destination directory </dd>
- <br>
- </dl>
- <dl compact="compact">
- <dt>a) The partitions to save</dt>
- <dd>Here
- you can select a partition in the list of partitions found by the
- system, or select "information on partitions" for more information on
- your partitions, or select "select several partitionsâ€. In this case
- you must type the names of the partitions to save as they appear in the
- list, separated by spaces. For example: <br>
- hda1 sda1 </dd>
- <dt>b) The destination drive (the one on which the backup will be saved).</dt>
- <dd>A
- list presents successively the units defined in pi.cfg and the units
- that the system finds on local disks. After selecting the unit, the
- script will attempt to mount the disk. If it fails, an error message is
- sent and the script stops. Possible causes include, among others: <dl compact="compact">
- <dt><br>
- </dt>
- <dd>
- <dl compact="compact">
- <dt> <br>
- </dt>
- <dd>1.
- You have chosen an NTFS partition and Windows has been put in hibernate
- state on the disk. In this case, NTFS partitions are not closed and
- they cannot be mounted rread/write, you can only read. It is possible
- to make a backup of such partition, but you cannot use it as the
- destination unit. To avoid this error, completely shut down Windows
- before starting TRK Autobackup. Since TRK revision 3.4 : hibernated
- partition cannot be written, but the state of other not closed
- partitions is normally solved by ntfs-3g which is able to successfully
- mount them for writing. However it is always better to properly shut
- down Windows before making a backup. </dd>
- <dt> <br>
- </dt>
- <dd>2.
- The system also put in the list extended partitions, which can disturb.
- An extended partition is a mere container and cannot receive files. For
- information on how your partitions are made, use the "information about
- partitions" option of the main menu. </dd>
- <dt> <br>
- </dt>
- <dd>3.
- You have selected a network drive and the network connection is not
- good, or your LOGIN and PASSWORD parameters are incorrect. </dd>
- </dl>
- <p> </p>
- </dd>
- </dl>
- </dd>
- <dt>c) The destination directory</dt>
- <dd>In
- the destination device previously defined, the script can either use
- the existing directories that are presented here, or a new directory:
- in this case select the last option and type a directory name <b>without spaces in its name.</b> We are in Linux which does not accept spaces in the names of directories and files. <br>
- Then the script will present you a summary of your choices that you can confirm or reject by <b>y</b>(es). or <b>n</b>(o).
- In the last case the script closes. Finally before running the backup a
- last message information is presented. You can again interrupt the
- process by pressing any key other than SPACE or ENTER, or type on ENTER
- to immediately start the backup, or let the script look after himself.
- After 15 seconds, if you do nothing, it will launch the backup. </dd>
- </dl>
- <h2>AUTOMATIC MODE</h2>
- <p>To
- enable automatic operation, you must file a pi.cfg in the root
- directory of a partition of the machine (all mountable partitions are
- scanned) or in /trk/trk3/pi (for TRK users) or in /etc/pi and the
- script must be launched with option <b>-c</b>. The first file found will be used. <br>
- If the file is found, the parameters are loaded and the backup is
- started. This backup will be excuted without any user intervention if
- all necessary parameters are set in the file and if AUTO has been set
- to 1. but there are two confirmation messages which are displayed for
- 10 or 15 seconds, and during this time you may stop the process before
- the backup starts. If AUTO=0, then a confirmation is requested from the
- user. If you add the command pi <b>-c</b>
- to your trklocscript file in the trk3 directory, then you can have a CD
- or USB key which will backup the partitions you have defined without
- any intervention of the operator : just boot on the CD or the USB key,
- and you are done. This is handy if you want users who don't know
- anything about computers to be able to save their system disk from time
- to time.</p>
- <p> </p>
- <p>To setup automatic mode, the recommended steps are :</p>
- <p> </p>
- <dl compact="compact">
- <dt>*</dt>
- <dd> Use pi in normal interactive mode to make your first backup. </dd>
- <dt>*</dt>
- <dd>
- Once you are satisfied and anything works as you want, locate the the
- pi.cfg file which has been created in your successful backup directory </dd>
- <dt>*</dt>
- <dd>
- Copy this file in the root of your first drive (any other drive can be
- chosen, but it is more easy to use the first one, generally sda1 or c:)
- </dd>
- <dt>*</dt>
- <dd>You can edit this file in Linux or
- Windows if you want to change something, Windows end of lines are
- supported. Complete description of this file format is explained below
- in the section <i>CONFIGURATION FILE</i>. </dd>
- <dt>*</dt>
- <dd> At this point, if you run <b>pi -c</b> your backup will start automatically. You will have two occasions offered to you to stop it.
- <p>If
- you add the command pi -c in the trklocscript file in the trk3
- directory of your TRK disk, then it is possible to start a backup by
- just booting on this disk, without any further intervention.
- Complementary details are found in the FAQ. $$$</p>
- </dd>
- </dl>
- <h2>FILES CREATED</h2>
- <p>Pi creates three files (or file set) in the destination directory :</p>
- <dl compact="compact">
- <dt>*</dt>
- <dd> The partimage files with extension .000, .001 .002 etc. </dd>
- <dt>*</dt>
- <dd> a pi.cfg file with the configuration you have just used and which can be used for automatic process. </dd>
- <dt>*</dt>
- <dd>a
- partition-info.txt file, which contains the details of your hard disks
- configuration. It may be very useful in case you must reformat your
- disk <p> </p>
- </dd>
- </dl>
- <h2>BACKUP SCREEN</h2>
- <p>During
- the backup, partimage shows a screen that displays the progress of the
- operation. Despite the message that is displayed at the bottom of the
- screen, it is unfortunately not possible to interrupt a backup because
- the * option does not work. This is a bug in partimage. If you want to
- stop anyway, you can do a ctrl+alt+del. You will just need to think
- about delete the created files.<br>
- </p>
- <h2>OLD BACKUPS</h2>
- <p>The
- script handles the number of copies of your partitions you want to
- keep. The default is 2 (the copy you just made, and one older). This
- value can be changed with the option -k. 4 will mean : the image just
- made + 3 older copies (total : 4 copies). Examples :</p>
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd> -k1 : One image : all older images are deleted <br>
- -k2 : The last image + 1 older image (default) <br>
- -k3 : The last image + 2 older images <br>
- <br>
- -kn : The last image + (n-1) older images <br>
- <br>
- -k0 : Special mode (see below : IN CASE OF LOW SPACE IN THE
- DESTINATION) The digit does not mean the number of older copies but the
- total number : -k2 will not keep two older copies but one. </dd>
- </dl>
- <p>The behaviour is the following :</p>
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd>
- <dl compact="compact">
- <dt> <br>
- </dt>
- <dd>a) the current backup is performed into temporary files. </dd>
- <dt> <br>
- </dt>
- <dd>b) these temporary backup files are renamed with their final backup filenames, like 20YY-MM-DD-X-hda1.000 </dd>
- <dt> <br>
- </dt>
- <dd>c)
- a sub-directory is created with the following name:
- 20YY-MM-DD-saved_partition, for example: 2010-06-22-hda2 and the
- current backup files of this partition are transferred under this
- sub-directory. </dd>
- <dt> <br>
- </dt>
- <dd>d)
- depending of the number specified with the k option, old backups are
- deleted: for example, if user has specified pi -c -k 4 and there are
- already 3 existing 20YY-MM-DD-saved_partition sub-directories, the
- oldest one will be automatically removed once the current backup will
- have successfully completed. </dd>
- </dl>
- </dd>
- </dl>
- <p> </p>
- <h2>CONFIGURATION FILE (pi.cfg)</h2>
- <p> </p>
- <p>CAUTION: The name of the configuration file is pi.cfg or PI.CFG or Pi.cfg. ALL OTHER SPELLINGS WILL BE IGNORED.</p>
- <p>Spaces are not allowed in file names or directory (replace them by _ or -)</p>
- <p>When
- you have completed a backup, the destination directory contains a
- pi.cfg file corresponding to the options you had choosed. Here is a
- possible example :</p>
- <p> </p>
- <p>___________________________________________________________________</p>
- <p># No space before and after the = sign <br>
- # The names are case-sensitive <br>
- # No backslashs: \, only slashs/</p>
- <p> </p>
- <p># MENU_UNIT[x]=//192.168.1.4/sysbackup specify a network disc to be displayed in the interactive choice of BACKUPDRIVE <br>
- # MENU_LOGIN[x]=//192.168.1.4/sysbackup specify login of the network
- disc[x] displayed in the interactive choice of BACKUPDRIVE <br>
- # MENU_PASS[x]=//192.168.1.4/sysbackup specify password of a network
- disc[x] displayed in the interactive choice of BACKUPDRIVE <br>
- # x index start at number 1. Several network discs may be specified using different indexes. <br>
- # Destination automatic backup unit. It may be a network drive, for example: <br>
- # BACKUPDRIVE =//192.168.1.4/sysbackup <br>
- # In this case the parameters LOGIN and PASSWORD are required <br>
- # Or a local unit such as BACKUPDRIVE=/sdb1 <br>
- BACKUPDRIVE=//192.168.1.4/sysbackup <br>
- LOGIN=mylogin <br>
- PASSWORD=mypass</p>
- <p># Backup directory in automatic mode <br>
- DEST=Lawrence</p>
- <p># Beginning of backup files' names; <br>
- # pi will generate 20YY-MM-DD-X- prefix in the filename of the unit to backup <br>
- # (X=A for automatic and I for Interactive) and partimage will add the extension 000, 001 and so on. <br>
- # Example : in Automatic mode, the resulting file should be : <br>
- # “<b>20YY-MM-DD-A-hda1.000</b>†<br>
- # Example : in Intercative mode, the resulting file should be : <br>
- # “<b>20YY-MM-DD-I-hda1.000</b>â€</p>
- <p># Partitions to backup in automatic mode <br>
- # If there are multiple partitions, separate them by spaces, <br>
- # and put it between quotation marks <br>
- # Example PARTITION="sda1 sda5" <br>
- PARTITION="sda1"</p>
- <p># If AUTO=1 and a pi.cfg configuration file was found, <br>
- # the backup is done without any user intervention <br>
- AUTO=1 <br>
- KEEP=2</p>
- <p>___________________________________________________________________</p>
- <p> </p>
- <p><b>Remarks: </b></p>
- <p>Always
- use the forward slash and not the backslash: we are in Linux and not in
- Windows. Long before Microsoft existed, the backslash was an escape
- character on Unix. Only Microsoft's commitment to be "like no other"
- has led to ignore this meaning and use the backslash in directories'
- path. Linux meets Unix standards. There are never spaces before or
- after the equal sign under penalty of non-functioning of the script.
- The parameters' names are always written in uppercase.</p>
- <p><b>BACKUPDRIVE:</b></p>
- <p>You
- may indicate a network drive, and in this case it will be also
- mandatory to specify LOGIN and PASSWORD. The format will be:
- //xxx.xxx.xxx.xxx/shared_directory_name. This can also be a local drive
- and in this case the format will be, for instance: /dev/sda1. It is
- prudent to use the complete device names returned by info on
- partitions. /sda1 should work too, but /dev/sda1 is safer.</p>
- <p><b>DEST:</b></p>
- <p>This
- is the destination directory to be used (and possibly created) in the
- unit selected by BACKUPDRIVE. It is possible to select a subdirectory,
- but in this case it is mandatory that the directory already exists.
- Example:</p>
- <p><FILE> - <partition> .000 DEST=backup/system/unite_c</p>
- <p>If the saved partitions are hda1 and hda5, the following files are created (X=A or I):</p>
- <p>20YY-MM-DD-X-hda1.000 20YY-MM-DD-X-hda5.000</p>
- <p><b>PARTITION:</b></p>
- <p>This parameter contains the names of the partitions to backup. If there is one partition, you can simply specify it as follows: <br>
- PARTITION=hda1 <br>
- If there are multiple partitions, they must be separated by spaces and put between quotation marks: <br>
- PARTITION="hda1 hda5" <br>
- It is allowed to have spaces between quotation marks but it is
- prohibited outside. PARTITION= "hda1 hda5" will not work because you
- should never have a space before and after the = sign <br>
- Note the different syntax from BACKUPDRIVE. There's no slash or /dev/.</p>
- <p> </p>
- <p><b>AUTO:</b></p>
- <p>AUTO=1
- enables automatic backup and a delay is placed on the confirmation
- messages. It is possible to interrupt the process by pressing any key
- other than SPACE or ENTER during the period. After the delay and
- without user intervention, backup is started.</p>
- <p> </p>
- <p> </p>
- <p><b>KEEP:</b></p>
- <p>This parameter has the same meaning as the parameter -k (see the section "Old backups" above). The default value is 2.</p>
- <p> </p>
- <h2>IN CASE OF LOW SPACE ON THE DESTINATION</h2>
- <p>using -k0 option</p>
- <p>In
- the normal process described above, there is a moment where you have
- two images of your partition : one that is currently on temporary files
- and one which is in the normal directory. If you do not have enough
- space on your disk for this, you can use the <b>-k</b> option with a value of 1 or 0</p>
- <p> </p>
- <dl compact="compact">
- <dt><b>-k1 </b></dt>
- <dd> <b>If
- you have enough disc space for two copies of the image but want to keep
- only the last, this parameter will cause the following behaviour: </b>
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd>
- <p><b>a) creation of the new image in temporary files <br>
- b) if the image was successful, the old image is erased <br>
- c) the new image files are renamed. <br>
- If the image had failed, temporary files remain on the disk. They will
- be overwritten by the new image when you will try again to make one.
- You can also delete them yourself. </b></p>
- </dd>
- </dl>
- </dd>
- <dt><b>-k0</b></dt>
- <dd> <b>If you have just the place for an image, this parameter will give the following behavior: </b>
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd> <b>a) erase the existing image <br>
- b) creation of the new image <br>
- Warning: this mode is not secure because if the creation of the new
- image fails, the old image has already been erased. </b></dd>
- </dl>
- </dd>
- </dl>
- <p> </p>
- <h2>FAQ</h2>
- <dl compact="compact">
- <dt> <br>
- </dt>
- <dd>Q: How can I make a fully automatic image system for my hard disk ? </dd>
- <dt> <br>
- </dt>
- <dd>A:
- The first step is to setup a pi.cfg file which will do what you want :
- save your system partition or all your partitions to a given
- destination. <br> Once this is done and you can run pi -c and get the
- result you want, the hardest part is done. See above for all
- informations on this step. <br>
- Now you have to run this automatically when TRK starts. This is easy :
- <dl compact="compact">
- <dt><br>
- </dt>
- <dd>
- <dl compact="compact">
- <dt>*</dt>
- <dd> Add a file with the name "trklocscript" in the trk3 directory of your TRK USB key or your TRK CD. </dd>
- <dt>*</dt>
- <dd> In this file add this line : <br>
- pi -c <br>
- You are done. </dd>
- </dl>
- </dd>
- </dl>
- </dd>
- <dt> <br>
- </dt>
- <dd>Q: My computer does not boot on an USB device and I must boot on CD. I cannot copy a file to a CD. </dd>
- <dt> <br>
- </dt>
- <dd>A:
- When you burn your TRK CD, be careful to let the session open. This can
- be configured if you are using CdBurnerXP on windows. Some versions of
- Nero automatically close the session and don't let you add anything. <br>
- - Open your CD in a CD burner program <br>
- - Choose the option to continue the CD <br>
- - add trklocscript as described above in the trk3 directory <br>
- - burn your cd <br>
- - Run it. You are done. </dd>
- <dt> <br>
- </dt>
- <dd>Q: And what will happen with this CD/USB key ? </dd>
- <dt> <br>
- </dt>
- <dd>A:
- Just boot a computer which has a valid pi.cfg file in the root
- directory of one of its disks, and the backup defined in that pi.cfg
- file will be performed. If you had set AUTO=1, just sit back and relax
- the job will be done automatically. If you are suspicious and want to
- know what happens before it is performed, then set AUTO=0 and you will
- have a confirmation screen. </dd>
- <dt> <br>
- </dt>
- <dd>Q: I am lazy and I want a simpler solution </dd>
- <dt> <br>
- </dt>
- <dd>A: OK. You must first create a TRK USB key with trk2usb. <br>
- Add trklocsript to the trk3 directory of this key <br>
- Ask a friend who has a computer which starts on USB key to start his
- computer on your TRK USB key and to run the command : <br>
- trk2iso <br>
- N.B. He must first change to a directory with at least 150 Mo of free space <br>
- Then ask him to give you the iso file created. <br>
- Burn it and you are done. </dd>
- <dt> <br>
- </dt>
- <dd>Q: This is not so simple </dd>
- <dt> <br>
- </dt>
- <dd>A:
- At first, yes. But once you have your USB key it is very easy to modify
- it, and then ask your friend to create the new iso. If he is patient
- enough, it is a good solution. <br>
- </dd>
- <dt> <br>
- </dt>
- <dd>Q: I don't want to run always pi on startup. Is it possible to have this feature enabled on a computer and not on another ? </dd>
- <dt> <br>
- </dt>
- <dd>A:
- Yes, it is easy : with the pi -c command in the trklocscript file, if a
- computer has a pi.cfg file, pi will run when TRK starts. If a computer
- does not have this file, then pi will appear for 3 seconds, then
- disappear and the TRK menu will be shown. <dl compact="compact">
- <dt><br>
- </dt>
- </dl>
- </dd>
- </dl>
- <h2>LICENSE</h2>
- <p>Public domain</p>
- <h2>AUTHORS</h2>
- <p>Frank Michel (for the menus), Gaston and Averell</p><br><a name="3HU5ZWWY8SYP7AEGNHT9CEDCSWG7RQEJXZELK1AJJYYGZ" ="" id="3HU5ZWWY8SYP7AEGNHT9CEDCSWG7RQEJXZELK1AJJYYGZ"></a><h1>2.20 Clonexp (obsoleted by mclone)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <p>Clonexp clones an ntfs partition to another computer over the
- network. Both PCs must be running the same version of TRK.. The one who
- is receiving the data must run with sshd enabled (triggerable from the
- simple TRK menu)<br>
- <br>
- Basically what it does is run ntfsclone in save mode to stdout at one
- computer and restore mode from stdin on the other, piping over ssh
- between eachother.<br>
- <br>
- When running clonexp, make sure your source partition is smaller or
- equal to what can fit on the destination. Ntfsclone (and subsequently
- clonexp) cannot dynamically resize a partition, so it 's a good thing
- to make the destination partition equal or bigger in size than the
- source. Do this easily with parted, supplied on TRK. If your maximum
- possible destination size is smaller than your source, try making your
- source smaller with parted. At least, if the data on it is less than
- the destination and the volume is not too fragmented.<br>
- <br>
- Also make sure neither of the local nor remote filesystems are mounted, or the script will exit.<br>
- <br>
- Clonexp can run in two modes: without any arguments, it runs in
- interactive mode and prompts you for source device, destination host
- and destination device. It will each time test whether these things
- exist.<br>
- <br>
- You can also run it in a single commandline, in this way (drop the <>):<br>
- clonexp <sourcedevice> <destinationhost>:<destinationdevice><br>
- e.g. 'clonexp /dev/hda1 192.168.0.7:/dev/hda1'<br>
- <br>
- It will prompt you once for the password you have entered on the remote
- TRK machine and then start copying the data. There is also the option
- '--bkupbr', which will first backup your partition bootrecord and later
- save that as a file on your newly created partition. Although it may
- never really serve, I give this opportunity should you ever be unable
- to boot from the partition and you want to play around a bit with your
- old bootrecord. This might as well completely obliterate your
- partition, so use with caution (backups 'n stuff ready...)<br>
- I was once able to make a cloned unbootable partition bootable this way
- by afterwards running from the Windows XP recovery console and do a
- chkdsk.<br>
- It 's recommended you use clonexp only between computers which have the
- same disk layout, or even better, are exactly the same hardware.<br>
- Clonexp is obsoleted by mclone, which is more efficient, more bugfree and multiclient capable</p>
- <p> </p><br><a name="4WP777Y6KKDSK5E2140SK6QED0J74GSY26W03JWEV0X5V" ="" id="4WP777Y6KKDSK5E2140SK6QED0J74GSY26W03JWEV0X5V"></a><h1>3. Procedures</h1><p>Let
- 's talk a little on what actions you should take in time of need, how
- to best use TRK to perform troubleshooting, or how you even might work
- with tools other than TRK.</p><br><a name="LIAT4IG4QYXT3EP1K2EVX276MK95G33SC3B7CH1S6NBZT" ="" id="LIAT4IG4QYXT3EP1K2EVX276MK95G33SC3B7CH1S6NBZT"></a><h1>3.1 Rescueing files of dying harddiscs (mounting network => cp, ddrescue)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p><h2 lang="en-GB">Cool it!</h2>
- <p style="margin-bottom: 0.17in;" lang="en-GB">When you have a
- harddrive that is starting to die on you (bad clusters, physical
- damage), it is imperative that you "upset" the disk as little as
- possible. In most cases the cause of your dieing disk is heat: hard
- drives can get very hot, especially when heavily used and poorly
- cooled. A good consideration is to make sure that your disks are placed
- freely floating so heat can get away easily. Also make sure that all of
- your fans in your computer blow in the same direction. A standard here
- is that fans in the front "inhale" air, while fans in the back of your
- computer "exhale". If you are considering placing a fan inside your
- computer directly on your disk, it is best practice to let it blow away
- from the disk. This way you create a vacuum and no air anywhere, not
- even in the smallest holes, can sustain in a vacuum.<br>
- <br>
- Another good practice is to attach your disks firmly to the computer,
- so the iron from the chassis can guide away heat from the disk. Note:
- Do this only by attaching the sides of the harddisks to the chassis.<br>
- <br>
- Now, in case it is already too late and your disk is dieing, it may be
- that it works fine initially and then starts to make funny noises
- afterwards: probably the bearings have worn out or the platters are
- starting to distort and the heads are grating on the surface of the
- disk.</p>
- <h2 lang="en-GB">The most important thing here is to hurry up and get those files off that disk.</h2>
- <p style="margin-bottom: 0in;"><span lang="en-GB">One suggestion I might give here might sound weird, but it worked for me already in many cases:<br>
- </span><strong><span lang="en-GB">put the disk in the fridge</span></strong><span lang="en-GB">
- for a while and then boot it up! Really, I'm not kidding. However,
- don't freeze it, that will only make it worse. Put it in a normal
- refrigerator and let it cool down in there. Also put a towel around it
- to avoid condensation.<br>
- Another possibility here is to connect your disk externally through a
- disk-to-USB cable that you can buy for 20$ or less at your local
- computer shop. (or connect the disk to an IDE cable that hangs out of
- your PC like guts)<br>
- Now, should you have that, go and look for that wine cooler pack you
- got for your birthday, you know, those plastic things you put around a
- bottle to keep it cool (or go and buy it at your local grocery store).
- A gelpack to ease the muscles can also do the trick, but don't get it
- out of the freezer where it's minus 18° Celsius, that is far too cold
- and might damage your disk even more. Always wrap a towel around your
- disk first.<br>
- <br>
- Now, once this is in place, you will have a better time window to start recovering files.</span></p>
- <h2 lang="en-GB">What you can try, from good to bad to worst case scenario.</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">In the best case you will be still able to mount the filesystem on the disk. Use mountallfs to search for all local filesystems.<br>
- <br>
- Make sure you have a location to which you can copy your recovered
- files. This can be another local disk or a remote network filesystem
- such as a Windows share. How you should reach this safe haven is
- explained earlier in this document (Getting around with commands).<br>
- <br>
- So let's assume a few things:<br>
- <br>
- -mountallfs manages to mount your filesystems on your dieing disk<br>
- -you mount a remote network share:</p>
- <p style="margin-bottom: 0in;" lang="en-GB">'mount -o username=administrator,password=mypassword //10.0.0.5/c$ /mnt0'<br>
- -'cd /hda1' where hda1 is your dieing disk<br>
- -do an 'ls' to see that you can still see files there.<br>
- -go to the directory from which you would like to recover documents.
- Don't start to try and copy all files, your time here is limited and it
- is very likely that your disk is damaged in places where it has read
- and written many times. In the case of a Windows system, this is the
- WINDOWS system directory. Stay out of it, there are normally no
- documents there.<br>
- <br>
- More likely you will do something like this:</p>
- <p style="margin-bottom: 0in;" lang="en-GB">'cd /hda1/Documents\ and\ Settings/John\ Doe/My\ Documents'<br>
- <br>
- -If you don't know how many documents you are going to save, do an 'ls
- -l'. If you see there are many subfolders, do an 'ls -lR' or 'du -h'.
- 'ls -lR' is the equivalent of a dos 'dir /s', but it is better to do
- 'du -h'. This will tell you how much data there is in this folder,
- whether there are big files, small files, many files, etc...<br>
- -Once you know this, estimate what you have to rescue. Listen to what
- the disk has to say, if it starts making funny noises already, try to
- save important data first.<br>
- -Let's say all is well, start a copy (first make a remote dir to save your files to):<br>
- 'mkdir /mnt0/recovered'<br>
- 'cp -rvf * /mnt0/recovered' <br>
- This command starts a copy of all files (*) to /mnt0/recovered, all
- subdirs (r), shows the progress file by file (v) and forces overwriting
- files on the remote location (f).<br>
- <br>
- If this works out: good for you.</p>
- <h2 lang="en-GB">Otherwise...</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">If your disk starts to make funny noises and you see error messages such as</p>
- <p style="margin-bottom: 0in;" lang="en-GB">"Disk Seek Complete Error",
- this means we are running into bad clusters and your copy operation
- will probably slow down dramatically.<br>
- In this case, try to start copying files or folders more separately.
- Skip the files first on which it runs into errors. There are other
- means to (maybe) recover them later.<br>
- If that works out, but you still need the other files, let's try something else.</p>
- <p style="margin-bottom: 0in;" lang="en-GB">I recommend you let the
- disk rest for a while by turning it off for about 20 minutes and put it
- in the fridge wrapped in a towel.<br>
- Once you've started it up again, you might have another go at copying
- the bad files again, but cancel it as soon as you run into the same
- problems again.<br>
- <br>
- In this case go over to using ddrescue.<br>
- <br>
- ddrescue takes an input file and copies it to an output file, just as a
- normal dd would do. In this case, however, there are a few differences:
- it tries to copy raw data from a file, but it will not try for too long
- when it runs into bad, completely unreadable clusters; it will fill up
- the unreadable spaces with zeroes.<br>
- Example: 'ddrescue /hda1/Documents\ and\ Settings/John\ Doe/My\ Documents\outlook.pst /mnt0/recovered/outlook.pst'<br>
- You can see here that the rescue is file by file. Here is a quick oneliner to rescue a complete directory.<br>
- 'cd /hda1/Documents\ and\ Settings/John\ Doe/My\ Documents\; for i in *; do ddrescue "$i" "/mnt0/recovered/$i; done"'<br>
- <br>
- Another way of trying to rescue your data is to go and copy complete
- disks or partitions. Just so you can be able to use Windows' chkdsk
- later on the rescued filesystem, ddrescue the contents to another
- partition on another disk. It is also possible to rescue the filesystem
- to a file and try to mount the file as a loopback device from
- Linux/TRK, but you won't be able to let Windows access it.<br>
- So here goes an example (make sure nothing is mounted, neither source nor destination): 'ddrescue /dev/hda1 /dev/hdb1'<br>
- In this case you will raw copy the complete contents of your partition
- /dev/hda1 to /dev/hdb1. Make sure /dev/hdb1 is equal or bigger than
- /dev/hda1<br>
- Boot into Windows and let it run a chkdsk on it (or use the Windows install CD in recovery mode).<br>
- If your filesystem is native Linux, such as an ext2 filesystem, you can
- rescue it to a normal file somewhere and run e2fsck on it like that. <br>
- Example: 'ddrescue /dev/hda1 /mnt0/rootfilesystem.img logfile-hda1'<br>
- <br>
- If ddrescue was unable to rescue all of your hda1 because it had to
- skip certain sectors, try going into raw mode, which will bypass your
- kernel disk i/o layer and read sector per sector. In raw mode it is
- much slower, but ddrescue keeps its already completed work in a logfile
- and only does the sectors that were skipped. <br>
- Use it then like this: <br>
- 'modprobe raw' <br>
- 'raw /dev/raw/raw1 /dev/hda1' <br>
- 'ddrescue -r3 /dev/raw/raw1 /mnt0/recovered-hda1.img logfile-hda1' <br>
- Once you have this, restore the image to another disk that boots into a
- normal PC into Windows and try running chkdsk against it.<br>
- <br>
- If it was a Linux filesystem (ext2 for example), there is no need to restore it:<br>
- <br>
- 'e2fsck -v -f /mnt0/ rootfilesystem.img'<br>
- 'mount -o loop /mnt0/rootfilesystem.img /mnt1'<br>
- <= check your files...<br>
- <br>
- NOTE: it is not recommended to try and perform a filesystem check that
- starts having physical I/O errors. It will probably make things even
- more unrecoverable.</p>
- <p></p><br><a name="QVQWIA3HK45X8M47KB6N7V5KDDAWB7HSSYD1Y78814V0G" ="" id="QVQWIA3HK45X8M47KB6N7V5KDDAWB7HSSYD1Y78814V0G"></a><h1>3.2 Recovering deleted files or files from formatted drives (ntfsundeleteall, photorec)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p><p style="margin-bottom: 0in;" lang="en-GB">In TRK, there are
- several ways you can use to undelete files. What you should use depends
- on the state of your harddisk/filesystem and the success of recovery
- can vary between various methods.</p>
- <h2 lang="en-GB">Ntfsundeleteall</h2>
- <p style="margin-bottom: 0in;"><span lang="en-GB">The first method already explained earlier is </span><a href="http://trinityhome.org/Home/index.php?wpid=53&front_id=12"><font color="#0000ff"><span lang="en-GB"><u>ntfsundeleteall (section 2.8)</u></span></font></a><span lang="en-GB">,
- so I'm not going to re-explain this. What I should mention about this
- method is that it has a high recoverability ratio on recently deleted
- files (deleted in a normal way, not because of a crash or filesystem
- corruption). It does however a poor job on drives that have already had
- more write I/O over them. It is completely unusable on formatted drives.</span></p>
- <h2 lang="en-GB">Photorec</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">In all other cases, you can
- try the photorec utility, which tries to recover any important kind of
- document from any filesystem. Be sure to run it by first changing to a
- place where you can write your stuff, because it saves its recovered
- output to a subfolder relative from where it was launched. Example:<br>
- 'mount //10.0.0.1/share /mnt0'<br>
- 'cd /mnt0'<br>
- 'photorec' <br>
- <br>
- If you suspect that your filesystem is corrupt, I would first try to
- run a chkdsk on it and see what it recovers. Then afterwards, see what
- shows up and, depending on what has become visible, use the ntfs
- capabilities of TRK or use photorec... But do not run a chkdsk if your
- disk is physically dieing!!! Try to do as little I/O possible on that
- disk. Running a chkdsk will probably render it even more unusable in
- that case.</p>
- <h2 lang="en-GB">Maybe ddrescue first</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">If photorec is unable to recover because of too many corrupt sectors, you can try ddrescue.<br>
- This util tries to recover files and filesystems that are on locations
- with bad sectors. If it is really unable to read the bad sectors, it
- will pad them with zeroes. Your files will possibly be corrupted, but
- at least you will have saved whatever there is to save. If you ddrescue
- a complete filesystem (e.g. 'ddrescue if=/dev/hda1
- of=/mnt0/rescued-image.img), you can afterwards mount that image as a
- loopback filesystem ('mount -o loop /mnt0/rescued-image.img /mnt1') and
- rescue/undelete files like that.</p>
- <p></p><br><a name="7PFVZK0Q4R5TZMDJ351RJA8VHEBE66K4KQP91EPVWKEKX" ="" id="7PFVZK0Q4R5TZMDJ351RJA8VHEBE66K4KQP91EPVWKEKX"></a><h1>3.3 Recovering lost partitions (testdisk, gpart, fdisk)</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p><p style="margin-bottom: 0in;" lang="en-GB">It can happen that you
- did something stupid or something inexplicable happened and your
- partition table has gone or is corrupted.<br>
- <br>
- To recover your partition tables, there are a few methods.</p>
- <h2 lang="en-GB">Fdisk</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">I'm not referring to the Microsoft dos version of fdisk, but to the fdisk on Linux.<br>
- Actually what you do with this is to manually redesign your partition
- table. Of course, the risk here is that you have absolutely no idea how
- your partition table looked before or even if you had more than one
- partition. So this is a good strategy in the case of a disk having only
- a single partition.<br>
- Let us say, in this case, that the partition contains an NTFS filesystem on /dev/hda1<br>
- Make sure nothing is mounted (run umountallfs)<br>
- Run fdisk:<br>
- -'fdisk /dev/hda'<br>
- -In fdisk: press 'p' to print your actual partition table<br>
- If your actual partition table is a bad one, erase by removing each
- partition with 'd' and answer with the right partition number (in case
- of logical drives, first remove everything equal and above 5).<br>
- -'n' for new partition<br>
- Choose primary partition, press enter for start and end sector. Fdisk automatically assigns it as a Linux native partition.<br>
- -'t' to toggle the partition type. Ntfs is '7'<br>
- -'a' to make it active (choose '1'), since it's probably the bootpartition<br>
- -'w' to write your changes<br>
- <br>
- If this was your previous partition layout, you should now already be
- able to mount the ntfs partition. If not, you probably won't be able to
- boot from it either. But it should be, since this is the way to do it
- when the problem was simply a lost partition table.</p>
- <h2 lang="en-GB">Testdisk</h2>
- <p style="margin-bottom: 0in;"><span lang="en-GB">This is the more
- advanced method of recovering partitions. Run 'testdisk' at the command
- line, the rest speaks for itself (Intel partition table => Analyze
- => etc.). Read the testdisk documentation at</span><a href="http://www.cgsecurity.org/"><font color="#0000ff"><span lang="en-GB"><u>www.cgsecurity.org</u></span></font></a><span lang="en-GB"> <br>
- Testdisk is also very nice to repair bootsectors. Just play with it a
- little on a test machine to see what it all does. I have played around
- with it myself, and although there is no guarantee that you will be
- able to repair the bootsector every time, it still did a pretty good
- job where others failed. <br>
- Another thing I can recommend to you about testdisk: if it does not
- find all of your partitions in the first minute, there is probably not
- much left but some free disk space without a valid filesystem. It is
- safe to cancel already if you think it found all you need.</span></p>
- <h2 lang="en-GB">Cfdisk</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">A menu based fdisk replacement, easier to use than the standard fdisk</p>
- <h2 lang="en-GB">Gpart</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Guess partitions: a utility
- that might recover your partitions too. However, it has not been
- maintained for a few years and I have not yet tested it myself.</p>
- <p></p><br><a name="L5ICUK4HDV6QAJA1ISR37W4DEYAHUY95TI8CT3KXNHCPR" ="" id="L5ICUK4HDV6QAJA1ISR37W4DEYAHUY95TI8CT3KXNHCPR"></a><h1>3.4 Bootsector repair</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- -->
- </style>
- </p>
- <h2 lang="en-GB">About bootrecords</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Several utilities can be applied to repair a bootsector and there is a lot that can be said about it.<br>
- I will only describe a few procedures for Windows and Linux bootsectors.<br>
- <br>
- In a PC style (x86) environment there are 2 ways a machine can boot
- from a harddisk: Either from the MBR (Master Boot Record) OR from the
- bootsector on the active partition. Historically, Windows has always
- booted from the active partition bootsector, but it also writes some
- stuff to the MBR of the disk. I don't know all the internals of the
- different bootprocesses, so please correct me if this documentation has
- it wrong.<br>
- Continuing: Linux can boot in the two different ways: Either it writes
- its code to the MBR (e.g. /dev/hda), OR it writes it to the active
- partition (e.g. /dev/hda1).</p>
- <h2 lang="en-GB">Check partitioning</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Sometimes the failure to
- boot can simply be a partitioning problem. In that case, refer to the
- previous section. If you rebuild your partitioning as it was before, it
- most likely will boot again.</p>
- <p style="margin-bottom: 0in;"><strong><span lang="en-GB">Never forget to set the correct active partition!</span></strong></p>
- <h2 lang="en-GB">Windows boot</h2>
- <p style="margin-bottom: 0in;"><span lang="en-GB">Let's take a quick look at procedures on how to repair Windows bootrecords.<br>
- As I already said, Windows booting depends on both the MBR and the partition bootrecord code.<br>
- <br>
- -</span><strong><span lang="en-GB">ms-sys</span></strong><span lang="en-GB"><b><br>
- </b></span><span lang="en-GB">This utility can write new MBR code to
- your disk. Type 'ms-sys -h' to obtain some help on the different
- parameters, but in most cases you run it first to analyse your disk.
- 'ms-sys /dev/hda', will tell you about your MBR.<br>
- 'ms-sys -m /dev/hda' will write an XP style MBR to your disk.<br>
- Remember that this utility deals only with the MBR. </span></p>
- <p style="margin-bottom: 0in;"><span lang="en-GB">For the windows bootsectors you must refer to other utils.<br>
- <br>
- -</span><strong><span lang="en-GB">testdisk</span></strong><span lang="en-GB"><br>
- I've tried testdisk to write new MBR code and it worked like a charm
- for me. What is also nice about it is that, when you go into advanced
- mode, you can also analyse the bootsector of the partitions and repair
- them if needed.<br>
- <br>
- -</span><strong><span lang="en-GB">the Windows bootcd way</span></strong><span lang="en-GB"><br>
- It might happen that none of these methods get you back into booting
- Windows, then there is one last method that you can try, which actually
- has nothing to do with TRK. Boot from the Windows XP cd and go to the
- recovery console. Make sure you know the password of the Windows system
- on the local disk. Otherwise, reset it first with 'winpass' on TRK.<br>
- -Now, once booted into the recovery console, it is a good thing to run checkdisk first: <br>
- 'chkdsk c: /p'<br>
- -Next run 'fixboot'<br>
- -And finally run 'fixmbr'<br>
- -'exit' to reboot<br>
- <br>
- -</span><strong><span lang="en-GB">if really nothing worked: FAT32</span></strong><span lang="en-GB"><br>
- Finally, if nothing did the trick, it means something is wrong in some
- way, I don't know, your disk geometry was laid out, filesystem were
- created, etc, etc. Sometimes it is even a mystery to me why a Windows
- will not boot when everything else says that it should. However, it
- often happens after I have cloned a PC with clonexp or Partition Image.
- Sometimes it works, sometimes it does not. </span></p>
- <p style="margin-bottom: 0in;"><span lang="en-GB">In that case there is one last resort: </span><strong><span lang="en-GB">recreate your Windows on a fat32 partition</span></strong><span lang="en-GB">.<br>
- For documentation on that, see the section:</span><strong><span lang="en-GB">3.5 Manually cloning a Windows installation. </span></strong><span lang="en-GB"><br>
- <br>
- </span><strong><span lang="en-GB">-ntfsreloc</span></strong></p>
- <p style="margin-bottom: 0in;"><span lang="en-GB">Very handy tool if
- your bootsector geometry does not correspond to what the bios claims it
- to be (the bios is actually wrong). Yet Windows bootsector finds
- it important it corresponds to the bios specifications. <br>
- This utility is invoked by mclone after cloning to make sure the
- bootsectors are exactly the same as they were (Linux adjusts them to
- LBA).<br>
- </span></p>
- <p style="margin-bottom: 0in;"><span lang="en-GB">Here 's the help output of ntfsreloc 0.7:<br>
- adjust filesystem geometry for a NTFS partition<br>
- Usage: ntfsreloc [-h # -t #] [-s start [-b]] [-w] [-f] [-p] device<br>
- where device points to an NTFS partition<br>
- <br>
- Options:<br>
- -w: Write new start sector to the partition.<br>
- -h # -t #: Specify number of heads and number of sectors per track<br>
- If omitted, determined via ioctl.<br>
- -s start: New start sector to write.<br>
- If omitted, determined via ioctl.<br>
- -b: Proceed even if the specified device is not a<br>
- partition (e.g. a regular file)<br>
- -f: Force the operation to occur even if device does not look<br>
- like a valid NTFS partition or values are equal.<br>
- -p: Print debug information (values read, values requested etc.)<br>
- <br>
- This utility displays the current starting sector as defined by the<br>
- the filesystem. No change will actually be made without the -w<br>
- option.<br>
- <br>
- Exit status is 2 if an error occured, 1 if a change was made or is needed<br>
- or 0 if the filesystem already has the correct values.<br>
- </span></p>
- <p> </p><br><a name="UHPDX3JS857PC91QX5QDU7JHMFX9NFZ8NECA7MT6HQKJQ" ="" id="UHPDX3JS857PC91QX5QDU7JHMFX9NFZ8NECA7MT6HQKJQ"></a><h1>3.5 Manually cloning a Windows installation</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p><p style="margin-bottom: 0in;" lang="en-GB">This method describes
- how you can migrate a Windows installation to another computer and be
- sure it will boot as long as the Windows installation itself is not
- corrupt. Additionally, I will also describe how you could make your
- system bootable again with only a single computer/disk available.<br>
- <br>
- The way we approach this type of "cloning" is very simple: we create a
- fat32 partition, copy all data from the NTFS partition to it, let the
- Windows bootcd repair the MBR and bootsectors and Windows boots.
- Afterwards you can convert the filesystem back to ntfs from Windows.</p>
- <h2 lang="en-GB">The procedure</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Let's assume a few things
- first: you have two harddisks attached to 1 PC one of which might be
- dieing or chkdsk does not repair it and you can not use any cloning
- tool because it finds errors and exits (happens with Ghost and PQ Drive
- Image). In the case of a laptop computer, you do not have the
- possibility to attach a second disk unless via an external USB
- enclosure, which is not recognized under dos based utils. <br>
- In TRK you can either mount a remote disk with two PCs running TRK of
- which one is running in fileserver or secure shell server mode (see
- other sections on how to do that). The possibilities are myriad. <br>
- But our example here works with two local disks, the source disk being
- an NTFS partition, the destination disk empty or erasable. <br>
- Disks are respectively /dev/hda and /dev/hdb, the NTFS partition is /dev/hda1<br>
- -Make a large enough vfat filesystem on /dev/hdb. Use qtparted to do it graphically or use…</p>
- <p style="margin-bottom: 0in;"><span lang="en-GB">'fdisk /dev/hdb', <br>
- -'n' to create a new primary partition<br>
- -'1'<br>
- -'t' to toggle, code 'c'<br>
- -'a' set active '1'<br>
- -'p' to print all that is about to be done to the screen<br>
- -'w' to write and quit the partition table<br>
- -'mkdosfs -F 32 /dev/hdb1'<br>
- -mountallfs<br>
- -cp -a /hda1/* /hdb1<br>
- -Shutdown the PC, change the harddisks so your new disk becomes the primary (/dev/hda)<br>
- -Now, reboot with the Windows CD so we can make the disk bootable (I have found it to be the best way).<br>
- Follow the procedure described in </span><a href="http://trinityhome.org/Home/index.php?wpid=62&front_id=12"><font color="#0000ff"><span lang="en-GB"><u>3.4 Bootsector repair</u></span></font></a><span lang="en-GB"> .i.e. fixboot and fixmbr.<br>
- <br>
- Your Windows should now start. Once booted into windows, go to a command line and run 'convert c: /fs:ntfs'<br>
- Reboot and let your disk convert to ntfs <br>
- <br>
- I have noticed that the Linux 'cp' makes the windows systemdir (in most
- cases named WINDOWS) into lowercase. It is good practice to make it
- uppercase afterwards. Although Windows is supposed to be case
- independent (but still case aware), I've noticed that some services
- would not start until I uppercased it<br>
- -'cd /hdb1'<br>
- -'mv windows/ WINDOWS/'<br>
- <br>
- </span><strong><span lang="en-GB">One note here</span></strong><span lang="en-GB">:</span><strong><span lang="en-GB"> Windows XP will not boot from FAT 32 partitions larger than 32Gb</span></strong><span lang="en-GB">.
- So do not create them bigger than this. If you have more data to copy,
- I suggest you move your big files somewhere into a directory that you
- then omit copying.</span></p>
- <p></p><br><a name="JVI22F4QK5AFSUR3MHQC9ZW33AWHWA05W9XNES3PN4V5N" ="" id="JVI22F4QK5AFSUR3MHQC9ZW33AWHWA05W9XNES3PN4V5N"></a><h1>3.6 Hardware testing</h1><p>
- <style type="text/css">
- <!--
- @page { margin: 0.79in }
- P { margin-bottom: 0.08in }
- H2 { margin-bottom: 0.08in }
- A:link { so-language: zxx }
- -->
- </style>
- </p><p style="margin-bottom: 0in;"><span lang="en-GB">Although TRK does
- not claim to be the best hardware test method there can be, there are
- still a few utilities and procedures you can use to test the health of
- your computer.<br>
- <br>
- A lot of information about hardware and resulting errors can already be
- obtained by reading out the boot procedure and system information,
- described in section </span><a href="http://trinityhome.org/Home/index.php?wpid=57&front_id=12"><font color="#0000ff"><span lang="en-GB"><u>1.4 Reading information about your PC (dmesg, /proc/partitions)</u></span></font></a><span lang="en-GB">. Be sure to read that first. <br>
- <br>
- Here we are going to put ourselves a little more into stress testing.</span></p>
- <h2 lang="en-GB">Harddisk testing: Bonnie</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Bonnie is a utility that
- stress tests the I/O of your harddisks. If you want to measure
- performance or you just want your disk to run very hot, merely
- mountallfs your filesystems (for ntfs volumes run 'mountallfs -g') cd
- to a dir on the filesystem (e.g. 'cd /hda1') and execute 'bonnie'<br>
- Here is what it could show you:<br>
- <font face="Courier New, monospace">[root@trk]:(/hda1)# bonnie<br>
- File './Bonnie.3078', size: 104857600<br>
- Writing with putc()...done<br>
- Rewriting...done<br>
- Writing intelligently...done<br>
- Reading with getc()...done<br>
- Reading intelligently... done<br>
- Seeker 1...Seeker 2...Seeker 3...start 'em...done...done...done...<br>
- -------Sequential
- Output-------- ---Sequential Input-- --Random--<br>
- -Per
- Char- --Block--- -Rewrite-- -Per Char- --Block--- --Seeks---<br>
- Machine MB K/sec %CPU K/sec %CPU K/sec %CPU K/sec %CPU K/sec %CPU/sec %CPU<br>
- 1004500 16.368208.359559.59151 11.699855.1 132.01.5<br>
- [root@trk]:(/hda1)#<br>
- </font><br>
- Bonnie tests a number of write operations on your disk.<br>
- If you want it to run infinitely, just type 'run-bonnie'</p>
- <h2 lang="en-GB">CPU testing: burnP6</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">This is a tool for
- overclockers and anyone who likes to know that their computer does not
- crash under heavy CPU load. It uses 100% cpu and makes bad cpus go mad
- (probably).</p>
- <h2 lang="en-GB">Network testing</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">Actually, a real network
- testing utility is not included, but you can put a lot of stress on
- your network card just by transferring large files.</p>
- <h2 lang="en-GB">Memory testing</h2>
- <p style="margin-bottom: 0in;" lang="en-GB">The latest version of
- memtest+ is included. Just select it from the start menu of TRK (scroll
- down all the way to the bottom). It tells you information about your
- memory speed performance and tests to find any possible errors.</p>
- <p></p><br><a name="4PL88HNFBZGXK7BHVL44UCJIPXXUD8I7MU5L2JR38YRJW" ="" id="4PL88HNFBZGXK7BHVL44UCJIPXXUD8I7MU5L2JR38YRJW"></a><h1>3.7 Virus scanning</h1><p>See section <a href="http://trinityhome.org/Home/index.php?wpid=40&front_id=12">2.1 Virusscan</a> for all the information you need on virusscanning your PC with TRK.</p><br><a name="AKDLI8WEFV4L96NMKIKSXE2ZQWDFRHLSTQ42PQ6UB16AX" ="" id="AKDLI8WEFV4L96NMKIKSXE2ZQWDFRHLSTQ42PQ6UB16AX"></a><h1>3.8 Manual PC cleaning</h1><p>Use winclean, described in section 2.4 Winclean</p><br><a name="ZTZJTNZS1Z028YDFIX59T2IQNHU57JDW236KHV38JU1IH" ="" id="ZTZJTNZS1Z028YDFIX59T2IQNHU57JDW236KHV38JU1IH"></a><h1>4. Boot time options and triggers</h1><p>This
- section gives you more info on the internals of TRK, how and why to use
- the differen boot menu options and the triggers TRK has builtin for
- customisation. <br>
- For advanced users who want to automate more or need alternate ways of booting.</p><br><a name="Z034WGIXRNSS0HJZYHKU5ED0RRGXKGQA7I4TQDF6RYPH6" ="" id="Z034WGIXRNSS0HJZYHKU5ED0RRGXKGQA7I4TQDF6RYPH6"></a><h1>4.1 Boot menu options</h1><p>The
- boot options of the latest TRK 3.4 contain a lot of different
- things, but most of the time the default startup will do.<br>
- <br>
- Nevertheless, here are the options explained<br>
- <img alt="" src="helpdocs_files/trk34-b365-bootmenu.png" hspace="2" vspace="2"> <br>
- <br>
- <strong> -Default startup:</strong><br>
- This will run TRK 3.4 with all the default options enabled. This means
- it will run partly from CD/usb/network, keeping your CD/usb stick
- unavailable for other things in the meantime, but will boot faster.
- Keyboard will be default qwerty and fontsize about 3/4 of a normal font
- in a screensize of 800x600 in VESA compatible framebuffermode. Some
- videocards are not so VESA compliant and can therefore not benefit from
- the graphical possibilities of TRK (like the Intel 815 chipset). They
- will have to run in textmode, preventing them from using qtparted and
- links (and my nice background logo). When booting from network,
- you cannot unplug the network cable in this mode.<br>
- <br>
- <strong><br>
- 1) TRK 3.4 in failsafe mode (No menu, VGA, noacpi, noapic)</strong><br>
- In this mode, TRK will run with a few failsafe options by not
- employing the APIC chip nor the ACPI. Also framebuffer mode will be
- disabled, resulting in lower graphics and lack of background graphics
- that "soothen your jengled nerves". Use only in case of normal startup
- failure.</p>
- <p><br>
- <strong> 2) TRK 3.4 running from RAM (best >= 512mb, 256mb min)</strong><br>
- This option will run Trinity Rescue Kit completely from RAM, which
- means it copies all of its files into memory so your CD or usb stick
- becomes available for disconnection. In the case of PXE booted TRKs,
- you could disconnect the network at that moment. This requires at least
- 256Mb RAM, but recommended is 512Mb and more. Especially updated TRK
- versions require about 250Mb more because of the included
- antivirusccanners..<br>
- <strong><br>
- 3) TRK 3.4 - Run 'mclone' in client mode (!)</strong><br>
- On startup, TRK will mclone in client (i.e. RECEIVER) mode. <strong>Use with caution!</strong>
- This allows you complete local disk to be overwritten by a standard
- mclone in SENDER mode. This option is for people wanting to perform
- massive PC replication</p>
- <p> <strong><br>
- 4) TRK 3.4 in simple VGA mode (debugging of kernel output)</strong><br>
- If you know your machine won 't boot in framebuffer mode. As I said
- before: no links and no qtparted. This option is also useful in case
- your TRK doesn 't initiate any output on the screen and you suspect it
- to hang on kernel initialisation. Many times it means there 's a
- problem with the ACPI interface of the machine. I 've noticed this
- quite regularly on HP/Compaq machines.<br>
- <strong><br>
- 5) TRK 3.4 with Belgian keyboard (use menu for other)</strong><br>
- Since me, Harakiri, is a Belgian, I include my own keyboard as a
- menu option. Other keyboards can be selected from the startup
- menu. Internationalisation is set to UTF-8, which should now
- really be fixed since TRK 3.4<br>
- <strong><br>
- 6) TRK 3.4 - Virusscan all drives (Clamav, non interactive)</strong><br>
- Runs virusscan on all your drives. Stupid option actually, but this is
- about the only thing you can do that is set-and-forget without the need
- for any interaction. This runs virusscan without any arguments, so with
- ClamAV. You will get no login as long as this is running. Nice option
- for sysadmins who want to set and forget it. But you can equllay wait
- for startup and select a few other virusscan arguments from the
- TRK menu.<br>
- <br>
- <strong> 7) TRK 3.4 - Try more pcmcia and usb nics (when not detected)</strong><br>
- I found that kudzu is not really good with PCMCIA cards and USB stuff
- and I found out that the easiest way fix this was to just have support
- for pcmcia bridges compiled in my kernel, start cardmgr and try every
- module I find until success. Same with USB nics. This will only try
- this for PCMCIA and USB ethernet cards/adapters.<br>
- <br>
- <strong> 8) TRK 3.4 - Try more SCSI drivers (when disks not detected)</strong></p>
- <p>Same argument as with the latter: if your local disks are not found,
- try this option to try and load every other more exotic driver
- module. Be warned: this might lock up your computer.</p>
- <p><strong> 9) TRK 3.4 with a secure shell server enabled</strong><br>
- Run a ssh server, a very nice feature, giving you the ability to
- remotely work on a machine that your nexter has started up for you.<br>
- For security reasons, you will first get prompted to create/change the
- password, after which in green will be displayed the IP-addresses your
- TRK will listen to. However, if you're running an updated TRK on
- which you have changed the root password (which by default is 'trk'),
- you will not be prompted anymore for a password change and your
- TRK will be immediately accessible over ssh. Your user will
- just have to inform you the ip-address.<br>
- <br>
- <strong> 10) TRK 3.4 - Execute local scripts on harddrive of PC</strong><br>
- Run local scripts from ./trk/trk3local.conf found on any local
- filesystem. In this way you can make computer specific scripts and put
- them on the harddisk. More info, see section "Triggers"<br>
- <strong><br>
- 11) TRK 3.4 as bootserver to boot other TRK clients<br>
- </strong>This option is magic: it makes your local copy of TRK run as a
- server to have itself booted over the network. Read more on
- trkbootnet ins the section Network booting</p>
- <p><strong> 12) TRK 3.4 - Fileshare all drives as guest, no security</strong><br>
- This is the same as the previous option, but this will share all your
- drives without any security boundary or username. Be careful with this,
- use only in a trusted environment.<br>
- <br>
- <strong> 13) TRK 3.4 - Single user mode (no menu)</strong><br>
- Starts TRK in very basic mode, sometimes useful when your PC hangs or crashes on hardware detection or some other error.<br>
- <br>
- <strong> </strong><strong>14) TRK 3.4 - Acpi=off, noapic PCI=^bios (Alternate boot 1)</strong><br>
- Some problematic machines with lousy ACPI controls might boot with this
- option. Happens regularly on some older Compaq machines. This will
- disable acpi and apic and will use the bios' PCI routing table. Try
- this when TRK hangs on early startup.<br>
- <strong><br>
- 15) TRK 3.4 - Acpi=off, noapic PCI=any (Alternate boot 2)</strong><br>
- This is almost the same option as the previous one, but I let the
- kernel decide what PCI mode should be used. I needed this mode on the
- brand new HP DC7700 machines with Intel Duo Core because it hung on
- kernel initialisation in the PCI part.<br>
- <br>
- <strong>16) TRK 3.4 - PCI=conf2 (Alternate boot 3)</strong><br>
- Another option you can try on PC's with strange PCI bridgings.</p>
- <p><br>
- <strong> 17) <strong>TRK 3.4 - </strong><strong>Verbose startup for debugging</strong> (no menu)</strong><br>
- I use this to see what scripts are doing or sometimes your PC might
- hang on something but you don 't know what: try this, but don 't get
- frightened by all the output.<br>
- <strong><br>
- 18) TRK 3.4 - SSH, boot- and guest fileserver, run from RAM</strong><br>
- This is a combination of a few options This is a quite common
- combination you would need when cloning PCs from 1 TRK to another and
- you only have one TRK cd handy.</p>
- <p><strong>19) TRK 3.4 - Run from RAM, run mclone as client</strong><br>
- Another combination that explains itself</p>
- <p><strong>20) TRK 3.4 with proxyserver support enabled</strong><br>
- Start TRK with default options and prompts you for a proxyserver. In
- fact, it just calls for "setproxy", which prompts you for the proxy
- server address (hostname or ip), portnumber and optionally username and
- password (leave blank for none)</p>
- <p><strong>21) TRK 3.4 - All devices set to read-only</strong><br>
- This is an option for forensic researchers who don't want to touch
- anything on the local computer but don't have a hardware write blocking
- device. This sets all of your disks to read-only on a kernel level.</p>
- <p><strong> 22) Memory tester memtest+ v1.65</strong><br>
- Almost every distribution comes with this on startup, but this way it
- 's included in this one too. Nice to test your memory banks with, but
- real life tests are still much more certain. Still, it might do the
- trick for you and find you a bad module.</p><br><a name="EUGBVSAKSIDQ4SSW21D1CDTZC5RKS0DXKJY51ZFJ7J022" ="" id="EUGBVSAKSIDQ4SSW21D1CDTZC5RKS0DXKJY51ZFJ7J022"></a><h1>4.2 Triggers</h1><p>TRK contains a number of so called "triggers", things it checks for and reacts upon when existing.<br>
- Very handy for regular TRK users who want to customise it a little.</p><br><a name="9PAH415576DS0RB2Z5DH8AQ1XFD42G21V39QU4LS1P9S6" ="" id="9PAH415576DS0RB2Z5DH8AQ1XFD42G21V39QU4LS1P9S6"></a><h1>4.2.1 The TRK options server: make your lan TRK aware</h1><p>TRK
- has quite a few ways you can customise it or have custom scripts be
- run. These scripts can run automatically because I 've built in
- numerous placeholders for them which I call "triggers"<br>
- <br>
- If you are a regular user of Trinity Rescue Kit, you might find it
- useful to have some default parameters set according to your
- environment i.e. lan<br>
- Ever since TRK 3.1, there 's a feature that makes your lan "TRK-aware"
- since a system administrator can configure his lan in a way any TRK3
- can take advantage of it in terms of proxy configurations and user
- optional script executing, a much wanted feature from the past, but
- hard to implement since you 're working with read-only media.<br>
- Finally, the solution is kind of revolutionary: by activating an
- otherwise unused parameter in you DHCP server, you can have a TRK point
- to a server where it can find its config and scripts.<br>
- This option is from an obsolete RFC from 1983 called 'Resource location
- server', which was a UDP protocol that could tell you where to find
- things like routes and smtp servers. I 'm using it now to provide TRK
- with an IP-address where it can find a simple webserver on which
- resides /trk/trk3options.conf<br>
- If you 're running ISC dhcpd, add this line to /etc/dhcpd.conf:<br>
- option resource-location-servers your-trk-webserver-ip-address;<br>
- On a Windows server, go to Administrative tools=>DHCP => go to
- your scope => scope options => option 11 Resource Location
- Servers.<br>
- I wouldn 't worry too much about enabling this option to break
- something in your network. I 've been running this for some time now at
- my office where there are about 100 Windows PCs on dhcp. Nobody hasn 't
- complained so far.<br>
- <br>
- Anyway, when a TRK 3.2 boots and finds a '<strong>resource location server</strong>' from DHCP, it will indeed look for resources from this configuration file.<br>
- Below is an example of such config file, it more or less speaks for itself.<br>
- The file is /var/www/html/trk/trk3options.conf on my local webserver<br>
- <br>
- <font face="Courier New"> TRKSECTION WGET BEGIN<br>
- http_proxy=http://10.34.5.201:8080<br>
- proxy_user=johndoe<br>
- proxy_passwd=doesinc<br>
- timeout = 10<br>
- tries = 2<br>
- TRKSECTION WGET END<br>
- <br>
- TRKSECTION LINKS BEGIN<br>
- http_proxy 10.34.5.201:8080<br>
- TRKSECTION LINKS END<br>
- <br>
- TRKSECTION CHECKUPDATESARGS BEGIN<br>
- -proxy-server=http://10.34.5.201:8080<br>
- -proxy-username=johndoe<br>
- -proxy-password=doesinc<br>
- TRKSECTION CHECKUPDATESARGS END<br>
- <br>
- TRKSECTION TRKSCRIPT BEGIN<br>
- #!/bin/bash<br>
- # <br>
- if [ -f /etc/proxy.conf ]; then<br>
- echo "Setting proxy params in freshclam.conf"<br>
- if [ ! -f /etc/freshclam.conf.bak ]; then<br>
- cp -f /etc/freshclam.conf /etc/freshclam.conf.bak<br>
- fi<br>
- <br>
- if ! [ "rjohndoe" = "r" ]; then <br>
- sed "s/# Proxy settings/\nHTTPProxyServer 10.34.5.201\nHTTPProxyPort
- 8080\nHTTPProxyUsername johndoe\nHTTPProxyPassword doesinc/"
- /etc/freshclam.conf > /etc/fresclam.conf~<br>
- else <br>
- sed "s/# Proxy settings/\nHTTPProxyServer 10.34.5.201\nHTTPProxyPort 8080/" /etc/freshclam.conf > /etc/fresclam.conf~<br>
- fi;<br>
- mv -f /etc/fresclam.conf~ /etc/freshclam.conf<br>
- chmod 700 /etc/freshclam.conf<br>
- if [ -f /etc/avg.conf ]; then<br>
- echo "Setting proxy params in avg.conf"<br>
- if [ -f /etc/avg.conf.bak ]; then<br>
- # Take a backup of the original avg.conf if necessary<br>
- cp -f /etc/avg.conf /etc/avg.conf.bak<br>
- fi;<br>
- sed -e s'/proxy = off/proxy = 10.34.5.201:8080/' /etc/avg.conf > /etc/avg.conf~<br>
- mv -f /etc/avg.conf~ /etc/avg.conf<br>
- chmod 700 /etc/avg.conf<br>
- sed -e s'/proxyLogin = off/proxyLogin = johndoe:doesinc/' /etc/avg.conf > /etc/avg.conf~<br>
- mv -f /etc/avg.conf~ /etc/avg.conf<br>
- fi;<br>
- <br>
- if [ -f /opt/BitDefender-scanner/etc/bdscan.conf ]; then<br>
- echo "Setting proxy params in bdscan.conf"<br>
- if [ ! -f /opt/BitDefender-scanner/etc/bdscan.conf.bak ]; then<br>
- cp -f /opt/BitDefender-scanner/etc/bdscan.conf /opt/BitDefender-scanner/etc/bdscan.conf.bak 2>/dev/null<br>
- sed "s/#HttpProxy =/\nHttpProxy = johndoe:doesinc@10.34.5.201:8080/"
- /opt/BitDefender-scanner/etc/bdscan.conf >
- /opt/BitDefender-scanner/etc/bdscan.conf~ <br>
- mv /opt/BitDefender-scanner/etc/bdscan.conf~ /opt/BitDefender-scanner/etc/bdscan.conf<br>
- <br>
- fi;<br>
- fi;<br>
- fi; <br>
- TRKSECTION TRKSCRIPT END</font> <br>
- <br>
- <br>
- -TRKSCRIPT is a section where you can do basically anything you want,
- so be very carefull with what you put in here because it will have an
- effect on any machine you boot with TRK3 . It will basically execute as
- a script in the same environment from the last script run by TRK,
- /etc/init.d/trklocal<br>
- What I put in the example here is to download an adapted version of the
- ClamAV config file 'freshclam.conf'. Refer to the ClamAV manpages for
- help on this file, but in here I 've put my proxy parameters too.<br>
- I don 't need to tell you what other opportunities this opens up.<br>
- <br>
- If you think this file is too complicated for you to create, don 't
- worry: just start a TRK, run 'setproxy' and this will generate the file
- /etc/trk3options.conf<br>
- Copy this file to your webserver and you 're all set.<br>
- <br>
- If you run setproxy afterwards, you will override alls settings given by your trk3optionsserver.</p><br><a name="CA4YM8MPTJ078B4RZR3V7NZDL7WUM33Q4XDGWQVE0KCZM" ="" id="CA4YM8MPTJ078B4RZR3V7NZDL7WUM33Q4XDGWQVE0KCZM"></a><h1>4.2.2 Scripts on the computer's local harddisks</h1><p>Another
- trigger is to have a script executed from the computer 's local
- harddisk, allowing you to run commands specifically for the computer.
- It is in the same format as the trk3options.conf: you have TRKSECTION
- TRKSCRIPT (only this section) where you write your parameters. This
- will be generated into a script called /bin/trklocscript-<name of
- the drive> (f.i. /bin/trklocscript-hda1) and executed at the end of
- the TRK startup procedure.<br>
- The location of this script has to be in the folder .trk (dot trk) on
- the root of the local partition. In this folder you put the file called
- trk3local.conf.<br>
- A sample trk3local.conf could look like this:<br>
- <font face="Courier New"><br>
- TRKSECTION TRKSCRIPT BEGIN<br>
- <br>
- #!/bin/bash<br>
- # Script for maintenance and backup on Windows machines<br>
- # Clean up this drive a little and do a virusscan on it<br>
- cd /hda1/Documents\ and\ Settings<br>
- for i in *; do rm -rf "$i"\Local\ Settings\Temp\*; rm -rf "$i"\Local\ Settings\Temporary Internet Files\*;<br>
- done;<br>
- virusscan -a fprot<br>
- # Now back up the userdata of all local profiles to a network drive<br>
- mount -o username=john,password=doe //10.0.0.5/backups /mnt0<br>
- for i in *; do mkdir /mnt0/"$i" 2>/dev/null; echo "Backing up
- documents of $i"; cp -rvf "$i"/My\ Documents /mnt0/"$i"; done<br>
- umountallfs<br>
- <br>
- TRKSECTION TRKSCRIPT END</font></p><br><a name="B8MI3TRVGJ2SY2XHN562I89WYSUF20I4ZWCSETDL364RY" ="" id="B8MI3TRVGJ2SY2XHN562I89WYSUF20I4ZWCSETDL364RY"></a><h1>4.2.3 Script on the TRK medium</h1><p>If
- you want some modifications to TRK and don 't want to fiddle directly
- into TRK's own scripts, you can add a script to the CD/usb stick/NFS
- share as /trk3/trklocscript. Unlike the previous trigger, this
- has to be a normal bash script.<br>
- The advantage of having scripts outside the TRK files is that you can
- upgrade your TRK afterwards, without having to redo your work every
- time: in case of a USB stick or NFS share, you just leave the script
- where it is, in case of a CD, you re-add the trklocscript to the
- multisession bootcd.<br>
- From this script you can trigger any other script you like, f. i. adding more software to your TRK.<br>
- Example trklocscript:<br>
- <br>
- <font face="Courier New">#!/bin/bash<br>
- # Go to /tmp, which is on virtual shared memory, about half the size of your RAM<br>
- cd /tmp<br>
- mkdir /tmp/extrabin<br>
- cd extrabin<br>
- # Use the variable $TRKMOUNTDIR so you always copy/execute from the right location<br>
- tar xzf $TRKMOUNTDIR/trk3/extrabinaries.tar.gz<br>
- # This will set the PATH globally<br>
- export PATH=$PATH:/tmp/extrabin</font></p><br><a name="SMFWK0I2J980KIYM9IK3CSPF1J06UQ3C29YDZ75874YID" ="" id="SMFWK0I2J980KIYM9IK3CSPF1J06UQ3C29YDZ75874YID"></a><h1>5. Upgrade, update and change of bootmedia procedures</h1><p>TRK 3.4 is able to boot from more than CD alone. You can <strong>boot it from a USB</strong> stick, USB disk, even a fixed harddisk if you like. And the most nifty feature: <strong>boot it from network over PXE!</strong><br>
- This part of the documentation describes how to change over to different bootmethods, upgrade and customise more of TRK.<br>
- Putting TRK to a USb stick shouldn 't take more than 5 minutes.<br>
- Ad hoc booting from network is even simpler: make sure your network has
- a running dhcp server (a standard home router will do), boot TRK on
- 1 computer and run trkbootnet. Next boot the other
- computer(s), select the network card as the bootdevice and voilà: a TRK
- booting from another TRK</p>
- <p><br>
- Making TRK run from PXE takes a little longer to set up, but it 's
- worthwhile when you have a big lan to manage. Once set up, upgrading to
- new versions is piece of cake.</p>
- <p>In the next sections you will find instructions on how to set up a
- bootserver under Linux and there 's also a contributed documentation on
- how to do it on a Windows machine.</p><br><a name="VCMNDG08JQ9JED3YXFLITGXVHLRRQIXBL9PPFEMQUMZZR" ="" id="VCMNDG08JQ9JED3YXFLITGXVHLRRQIXBL9PPFEMQUMZZR"></a><h1>5.1 TRK on CD</h1><p>TRK
- is in the first place known as a BOOTCD. So even if burning an isofile
- to a CD is about the simplest thing to do, I will nevertheless
- commit a piece on how you can get TRK on a cd properly.</p>
- <p>If you really want a no brainer, try the executable, self burning
- version of TRK from the download section. You don't need any burn
- software to be installed on your computer, but it does require that you
- have administrator rights.<br>
- And how to do it: download, save locally and double click <span class="postbody">trinity-rescue-kit.3.4-build-366.exe
- (or the latest version), answer "Yes" after you made sure you have a
- blank CD-R in your CD writer and just sit back and relax.<br>
- </span></p>
- <p><span class="postbody">If you want to burn TRK from the isofile, there are several options and programs.<br>
- For Windows 7 users it's easy: right click on the file and select the option to burn it to CD.<br>
- All other users have several possibilities.</span><br>
- 1 free and rather easy possibility is to <span class="postbody">use MagicIso, which is free for isos up to 300mb. At the end of this document you will find it explained in screenshots.<br>
- Another free alternative is CD Burner XP Pro, which is a very
- good and full fledged CD burning software as a whole by the way.<br>
- </span></p><br><a name="FIRS44G0F6QRJDGPU467B1R5DHKC3QV9ZCRU6XJBUZS43" ="" id="FIRS44G0F6QRJDGPU467B1R5DHKC3QV9ZCRU6XJBUZS43"></a><h1>5.2 How to install/upgrade your USB media to run the latest version of TRK</h1><h2>Installing from Windows</h2>
- <p>This procedure is also valid for new TRK installations on any bootable media that has:<br>
- -been formatted as FAT16 or FAT32 (Syslinux documentation recommends FAT16, but FAT32 is tested and works as well)<br>
- -smaller or equal than 1Gb (=max 16k clusters). Bigger (and fat32) is
- allowed but is subject to less compatibility. Please report me on any
- PC that refused to boot in that way.<br>
- -this partition made active <br>
- -<strong>TRK_3-4</strong>
- as a volume label (exactly like this). Another volume label (e.g.
- RESCUEDISK is possible, but than you would have to add
- "vollabel=RESCUEDISK" after each line that says "append initrd=..." in
- /syslinux.cfg</p>
- <p>But this is not guaranteed to boot from any PC that can boot USB.
- Better is to use trk2usb from TRK itself (when booted from CD of
- course).<br>
- <br>
- The rest of the installation course is like upgrading, so follow the
- guidelins below. If you 're unable to bring it to a success using this
- procedure, I recommend you download the ISO version of TRK, burn and
- start from that, plug in your USB stick and run <a href="http://trinityhome.org/Home/index.php?wpid=50&front_id=12">trk2usb</a></p>
- <h2>Upgrading (and installing continued) from Windows </h2>
- <p>Prerequisites: 7-zip or any archive application that can open iso files.<br>
- -Download trinity-rescue-kit.3.4-build-366.iso (or the latest version)<br>
- -Plug in your USB stick with the old version of TRK <br>
- -Open the file trinity-rescue-kit.3.4-build-366.iso and extract it to
- your USB drive root (we will call it the G: drive in this case)<br>
- -Open a command prompt 'cmd'<br>
- -Go to your USB drive: 'G:'<br>
- -'cd trk3'<br>
- -'syslinux G:' ('syslinux -f G:' if it refuses because windows reports it to be a fixed drive)<br>
- -'exit'<br>
- -eject the device and try booting from it (use the 'safely remove hardware' from the system tray)</p>
- <h2>Installing from Linux</h2>
- <p>I 'm not describing in detail how you should install TRK from Linux,
- since it might require you to install special packages and perform
- complicated operations. Someone who doesn 't fear this will have enough
- with this short procedure<br>
- Here goes:<br>
- -prerequisites: mtools, syslinux 3.31<br>
- -figure out your USB stick device (most of the time /dev/sda)<br>
- -run 'mkdiskimage -4 /dev/sda -s 0 64 32' (from the syslinux package).
- This will completely erase and format your drive to maximum 1Gb. If you
- want to pass this limit, use fdisk and mkvfat -f 32 /dev/sda1, but
- beware this can be less compatible.<br>
- -edit /etc/mtools.conf and add the line: <font face="Courier New">drive c: file="/dev/sda4" </font><br>
- -'mlabel c:TRK_3-4'<br>
- -the next steps are the same as upgrading from Linux, so read below</p>
- <h2>Upgrading from Linux</h2>
- <p>-Download trinity-rescue-kit.3.4-build-366.iso (or the latest version)<br>
- -Plug in your USB stick with the old version of TRK 3.4<br>
- -Check what device id it has been assigned using 'dmesg | tail'<br>
- -Assuming your USB stick is /dev/sda and your TRK partition /dev/sda4
- and we use /mnt/disk1 as mountpoint: 'mount /dev/sda4 /mnt/disk1'<br>
- -'cd /mnt/disk1'<br>
- -assuming trinity-rescue-kit.3.4-build-366.iso is downloaded to /home/user and the mount point /mnt/disk2 exists/:<br>
- -'mount -o loop /home/user/trinity-rescue-kit.3.4-build-366.iso /mnt/disk2'<br>
- -'cd /mnt/disk2'<br>
- -'cp -avf * /mnt/disk1/<br>
- -'cd trk3'<br>
- -'umount /mnt/disk1'<br>
- -'./syslinux /dev/sda4'</p><br><a name="DJQBVW3TV8F9F6T9P2QZJ9WFCCVH0HU3SA5CWYWHX2G2Z" ="" id="DJQBVW3TV8F9F6T9P2QZJ9WFCCVH0HU3SA5CWYWHX2G2Z"></a><h1>5.3 Setting up your PXE boot environment</h1><p>Ever
- wondered what you could do with that PXE stuff from your network card
- at boot time? Well you could run a TRK on your network.</p>
- <h2>1. Prerequisites</h2>
- <p>Here 's what you need:<br>
- -the latest TRK<br>
- -A (wired) local area network<br>
- -Computers with PXE compliant hardware<br>
- -A decent configurable dhcp server<br>
- -A Linux machine or any OS that can run an NFS server (not Windows, or else a third party soft)<br>
- -A TFTP server (these last 3 things can all run on the same server)<br>
- <br>
- <br>
- Time to install and configure everything: 15 minutes (if you understand everything directly)</p>
- <h2>2. Put the TRK files somewhere</h2>
- <p>Download the latest tar.gz distributed TRK version (version 275 and
- up) and unpack it somewhere on your Linux nfs/tftp server. In this case
- we 're going to assume unpacking it to /home/trkfiles. User and group
- ownership is ok for root, just make sure it 's world readable (is
- normally ok, but just in case)<br>
- commands:<br>
- 'cd /home/trkfiles'<br>
- 'tar xzf /tmp/trinity-rescue-kit-3.2-build-275.tar.gz'<br>
- <br>
- You can also copy your files from your TRK CD, usb stick or mount the
- iso file with a loopback device and copy everything from there.<br>
- <br>
- <strong>Keep in mind:</strong> This is the location where all of your
- TRK files will reside. The folder you are about to use will be the same
- for your TFTP server as for your NFS share. Make sure they are the
- same, not a subfolder of the other!<br>
- <br>
- There 's another thing you should do, that 's generating a default
- pxelinux config file (/home/trkfiles/pxelinux.cfg/default). I 've
- created a small script that does it for you, based on the normal
- isolinux/syslinux config files. This is something you need to do
- everytime you upgrade TRK<br>
- -Go to /home/trkfiles/trk3 'cd /home/trkfiles/trk3'<br>
- -'./mkpxelinux'<br>
- The script will prompt you for an nfs path to specify. This is the
- ip-address of your server combined with the path where TRK resides.
- This is necessary for the secondary startup phase of TRK. If you omit
- this, you will get weird results when booting.<br>
- An example you could fill in is '192.168.81.5:/home/trkfiles'</p>
- <h2>3. Setting up DHCP</h2>
- <p>I 'm going to discuss 2 DHCP servers.<br>
- <br>
- <strong>First the ISC dhcp server</strong>, which is about the standard in most Linux distributions.<br>
- Here 's what the dhcp.conf should more or less look like, depending on your site configuration.<br>
- It 's what 's in bold that 's important.<br>
- Note that in this situation ALL of your machines will be able to boot from PXE.<br>
- If you omit the PXE parameters ('next-server' which is your TFTP server
- and 'filename') from the general dhcp parameters and put them in the
- section 'group' (what' s commented out with #), you can specify PXE
- booting per host based on the host's mac address.<br>
- <br>
- <font face="Courier New"> allow booting;<br>
- allow bootp;<br>
- ddns-update-style none;<br>
- subnet 192.168.81.0 netmask 255.255.255.0 {<br>
- # default gateway<br>
- option routers 192.168.81.2;<br>
- option subnet-mask 255.255.255.0;<br>
- <br>
- option domain-name "trinityhome.local";<br>
- option broadcast-address 192.168.81.255;<br>
- <br>
- # Seting up an ip address is better here<br>
- option domain-name-servers 192.168.81.2;<br>
- option nis-domain "trinityhome.local";<br>
- <br>
- range dynamic-bootp 192.168.81.128 192.168.81.254;<br>
- default-lease-time 21600;<br>
- max-lease-time 43200;<br>
- # PXE directives<br>
- next-server 192.168.81.5;<br>
- filename "/pxelinux.0";<br>
- <br>
- # group {<br>
- # host testtrk {<br>
- # hardware ethernet 00:0C:29:A1:E9:E5;<br>
- # fixed-address 192.168.81.253;<br>
- # next-server 192.168.81.5;<br>
- # filename "/pxelinux.0";<br>
- # }<br>
- # }</font> <br>
- <br>
- <strong>Second DHCP server is with a Microsoft DHCP</strong>.<br>
- -Run the DHCP snap-in<br>
- -Go to your active scope => scope options => right click in it and select 'Configure options'<br>
- -Activate option '066 Bootserver hostname' and option '067 Bootfile Name'. <br>
- -Put for hostname the IP-address of your TFTP server alltogether. <br>
- -For bootfilename '/pxelinux.0'</p>
- <h2>4. Setting up a TFTP server (primary bootprocess)</h2>
- <p>I 'm using the tftp-hpa-0.43a TFTP server, which is recommended by
- the syslinux developer. Download it from kernel.org:
- http://www.kernel.org/pub/software/network/tftp/<br>
- Download, unpack, configure and make && make install it.<br>
- It 's also possible it was already in your distribution, so you don 't need to compile it.<br>
- To have the tftp server run from the commandline as a daemon, using
- /home/trkfiles as the dir where your TRK resides, type 'in.ftpd -l -s
- /home/trkfiles'<br>
- In fact, this whole procedure so far is also explained on the syslinux homepage.<strong><br>
- </strong></p>
- <h2>5. Setting up NFS (secondary bootprocess)</h2>
- <p>This is for a very basic NFS setup. TRK only needs read only access
- on NFS, so there 's no big security issue for this simple setup.<br>
- NFS relies on 1 configuration file for its shares: /etc/exports<br>
- Edit /etc/exports and add the next line, again assuming /home/trkfiles
- is where your TRK resides. This is the same folder as your TFTP server
- root!<br>
- '/home/trkfiles *(ro,no_root_squash)'<br>
- Restart your NFS service.<br>
- <br>
- <br>
- That 's it, you 're all set. Take a machine in your lan, power it on,
- press F12 and boot from network with TRK. It should boot even faster
- than from CD or disk.<br>
- When a newer version of TRK appears, all you need to do is download and
- unpack in the same dir where it resided before and regenerate your PXE
- config with mkpxelinux<br>
- <br>
- In the event you gave wrong parameters or your NFS has any problem at
- all to get mounted, TRK will drop to a basic shell allowing you to
- debug what's happened.</p>
- <h2>6. Custom security and triggers</h2>
- <p><strong>Setting it up</strong><br>
- <br>
- In some cases you cannot have the physical console of a machine, but it
- can be remotely booted from network with TRK on PXE.<br>
- You could run a ssh server, but TRK by default will not run one because
- there would be no security (the default password for root is 'trk').<br>
- In this case I 've developed a possibility to have a custom shadow file
- (=holds encrypted versions of passwords on a Linux machine) or even
- better the use of RSA public keys.<br>
- Furthermore, there 's also a check for a custom, per host
- trk3options.conf file, should you not have a trk3optionsserver
- environment (feature since TRK 3.1).<br>
- Also it will look for a custom trklocscript, so you can launch anything else you like.<br>
- Here 's the way to set it up:<br>
- -In the directory where your TRK files reside, create a directory called 'pxeconfig'<br>
- -in the directory pxeconfig, create directories named according the mac-address of your custom hosts.<br>
- If your hosts network card is 00:0C:29:A1:B9:E5, then create that
- directory, but use hyphens instead of colons, just to avoid filesystems
- that don 't accept colons. So in this case create directory
- '00-0C-29-A1-B9-E5'<br>
- <br>
- <strong>Security and other triggers</strong><br>
- <br>
- -Per host shadow file<br>
- In the mac-address based directory you can now put a custom shadow
- file. This will be detected upon startup of TRK on the host with the
- matching network interface and copied locally.<br>
- Once copied, TRK will start a secure shell server allowing remote
- control of the machine with the matching root password from the custom
- shadow file.<br>
- <br>
- -Per host authorized_keys file<br>
- Another way of having custom security for ssh is the use of rsa
- key authentication. This is fairly easy to setup. The method of
- public/private key authentication is standard secure shell and is
- explained anywhere on the internet. I will therefore not explain how
- you should generate a public/private keypair.<br>
- What 's important is that you copy the public key of the root user to a
- file called 'authorized_keys'. In general, one key is enough, so it 's
- ok to copy the file id_rsa.pub or identity.pub to 'authorized_keys'
- into our /<trkpxefiles>/pxeconfig/<mac-addres>/ directory.<br>
- Upon startup, this file will be detected and gets precedence over a
- custom shadow file. Once this file is copied, TRK will disable password
- based authentication, so you can only login with your private key<br>
- <br>
- -Per host or general trk3options.conf and trklocscript file<br>
- Just like with a trkoptionsserver, you can have a custom
- trk3options.conf file in which you can specify custom proxy settings or
- a complete script. Just put the file in
- /<trkpxefiles>/pxeconfig/<mac-addres>/ for per host
- trk3options.conf or in /<trkpxefiles>/pxeconfig/ to have this
- file for general use for all local TRK hosts.<br>
- The same principle goes for trklocscript, a script that will get
- executed when found. Place this script in /<trkpxefiles>/trk3/
- and it will get executed on startup.</p><br>
- </div>
- <!-- Author: Tom Kerremans Prints: 0 Created: 5/15/2006 Updated: 8/11/2010 -->
- </div><!-- close page-container -->
- </div>
- <br class="brclear">
- <div id="print-footer">
- <!-- Document Footer -->
- Trinityhome.org
- <script language="JavaScript" type="text/javascript">
- <!--//--><![CDATA[//><!--
- window.print();
- //--><!]]>
- </script><br class="brclear">
- <div class="copyright">Copyright 1996-2010 Trinityhome All rights reserved.</div><div style="color: rgb(204, 204, 204); font-style: italic; padding-left: 5px;">Powered by <a style="color: rgb(204, 204, 204);" href="http://trinityhome.org/barts_cms/" title="Bart's CMS [Business Edition] Version 4.0.110 [Stable]">Bart's CMS</a></div><div style="padding: 2px;"><a href="http://trinityhome.org/barts_cms/" title="Powered by Bart's CMS [Business Edition] Version: 4.0.110 [Stable]"><img src="helpdocs_files/el_powered.gif" alt="Powered by Bart's CMS [Business Edition] Version 4.0.110 [Stable]" style="border: 0px none ;" height="23" width="103"></a></div>
- <!--<div style="color:#ccc;font-style:italic;padding-left:5px;">Powered by <a style="color:#ccc;" href="http://trinityhome.org/barts_cms/" title="Bart's CMS [Business Edition] Version 4.0.110 [Stable]" >Bart's CMS</a></div> -->
- </div>
- </div>
- </body></html>